
7 matches found

Cvelist
added 2025/11/30 10:32 a.m., 6 views

CVE-2025-13787 ZenTao File control.php delete privileges management

A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack...

CVSS 5.5, EPSS 0.00058
Exploits: 1, References: 6

OSV
added 2025/08/22 4:49 p.m., 3 views

GHSA-8P2F-FX4Q-75CX UnoPim has Broken Access Control

Summary: In UnoPim, it is possible to create roles and choose the privileges. However, users without the “Delete” privilege for Products cannot delete a single product via the standard endpoint (expected behavior), but can still delete products via the mass-delete endpoint, even when the request...

CVSS 8.1, AI score 7.1, EPSS 0.00094
Exploits: 1, References: 7

Positive Technologies
added 2025/08/22 12:0 a.m., 4 views

PT-2025-34443 · Unopim +1

Name of the Vulnerable Software and Affected Versions: UnoPim versions 0.3.0 and earlier. Description: UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Users lacking the necessary Delete privilege for products can bypass access controls by submitti...

CVSS 8.1, AI score 6.5, EPSS 0.00094
Exploits: 1, References: 12

CNNVD
added 2024/04/16 12:0 a.m., 1 view

Oracle E-Business Suite security vulnerability

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Complex Maintenanc...

CVSS 6.1, AI score 7.4, EPSS 0.0033
Exploits: 0, References: 2

SUSE CVE
added 2023/02/15 6:18 a.m., 2 views

SUSE CVE-2005-0709

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit...

CVSS 4.6, AI score 7.7, EPSS 0.17936
Exploits: 1, References: 4

OSV
added 2019/06/20 12:15 a.m., 12 views

CVE-2019-12901

Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing an attacker with minimum privilege to Upload files to, and Delete files/folders from, an unprivileged directory, leading to Privilege escalation...

CVSS 8.8, AI score 6.9
Exploits: 0, References: 2

UbuntuCve
added 2005/05/02 4:0 a.m., 25 views

CVE-2005-0710

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function...

CVSS 4.6, AI score 6.1, EPSS 0.04583
Exploits: 1, References: 2