Lucene search
+L

1118 matches found

Vulnrichment
Vulnrichment
added 2026/04/20 12:0 a.m.7 views

CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

5.8AI score0.00295EPSS
Exploits0References3
CVE
CVE
added 2026/04/16 9:32 a.m.13 views

CVE-2024-4867

The CVE-2024-4867 entry describes a cross-site scripting (XSS) vulnerability in the WSO2 API Manager developer portal. User-supplied input is not properly validated or output-encoded, enabling injection of script content executed in the user’s browser. Exploitation can cause the UI to redirect to...

5.4CVSS5.7AI score0.00195EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/16 9:32 a.m.30 views

CVE-2024-4867 Cross-Site Scripting via Developer Portal in WSO2 API Manager Enables UI Modification and Information Retrieval

The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious actor to inject script content that is executed within the context of a user's browser. By leveraging this cross-site...

5.4CVSS0.00195EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.7 views

PT-2026-33305

The authentication endpoint fails to encode user-supplied input before rendering it in the web page, allowing for script injection. An attacker can leverage this by injecting malicious scripts into the authentication endpoint. This can result in the user's browser being redirected to a malicious...

6.1CVSS5.7AI score0.0023EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.9 views

CVE-2026-39542

Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder for WooCommerce: from n/a through = 2.10.13...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.6 views

CVE-2026-39516

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through = 4.7.0...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.5 views

CVE-2026-39566

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...

4.3CVSS5.8AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.5 views

CVE-2026-39709

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.4...

5.3CVSS5.8AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.4 views

CVE-2026-39586

Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through = 4.1132...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.8 views

CVE-2026-39571

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through = 3.3.30...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References1
OSV
OSV
added 2026/04/13 9:49 a.m.8 views

SUSE-SU-2026:21104-1 Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.13. - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. - CVE-2026-2297: incorrectly handled hook in FileLoader can...

7.5CVSS6.7AI score0.00621EPSS
Exploits0References15
EUVD
EUVD
added 2026/04/08 9:31 a.m.11 views

EUVD-2026-20419

Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...

5.9AI score0.00265EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 9:31 a.m.4 views

EUVD-2026-20375

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF Manager: from n/a through = 3.7.2...

5.9AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 9:31 a.m.7 views

EUVD-2026-20228

Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through = 4.1132...

5.9AI score0.0024EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 9:31 a.m.3 views

EUVD-2026-20213

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data.This issue affects DirectoryPress: from n/a through = 3.6.26...

5.9AI score0.00189EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 9:31 a.m.4 views

EUVD-2026-20219

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through = 3.3.30...

5.9AI score0.0024EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 9:31 a.m.7 views

EUVD-2026-20139

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through = 2.0.8...

5.9AI score0.00179EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 9:31 a.m.7 views

EUVD-2026-20140

Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a through = 5.24.0...

5.9AI score0.0024EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39709

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.4...

5.3CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.4 views

CVE-2026-39686

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF Manager: from n/a through = 3.7.2...

5.3CVSS0.00226EPSS
Exploits0References1
Rows per page
Query Builder