Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-50172

Malicious code in bioql PyPI...

9.1CVSS7.5AI score0.00325EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2022/12/14 9:30 p.m.14 views

Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)

The CAPTCHA of the extension can be bypassed which may result in automated creation of various newsletter subscribers. It is possible to provide arbitrary subscription UIDs to the deleteAction of the extension resulting in all newsletter subscribers to be unsubscribed. Insufficient access checks ...

9.1CVSS8.7AI score0.00157EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2022/12/14 12:0 a.m.9 views

CVE-2022-47409

An issue was discovered in the fpnewsletter aka Newsletter subscriber management extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in deleteAction operations...

9.1CVSS9.4AI score0.00325EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/17 11:50 a.m.17 views

Security Bulletin: Improper authorization by non-admin user in IBM Content Navigator (CVE-2014-0858)

Summary Using 3rd party tools, a non-admin user can modify the URL action so that instead of a getAction, the user can perform a deleteAction against the configuration database. Vulnerability Details CVEID: CVE-2014-0858 DESCRIPTION: Improper authorization by non-admin user CVSS Base Score: 3.5...

3.5CVSS1.1AI score0.00142EPSS
Exploits1Affected Software1
seebug.org
seebug.orgadded 2014/03/03 12:0 a.m.26 views

IBM Content Navigator访问绕过漏洞

Bugtraq ID:65856 CVE ID:CVE-2014-0858 IBM Content Navigator是一个Web客户机,用来向用户提供控制台以处理多个内容服务器中的内容。 IBM Content Navigator存在安全漏洞,允许通过验证的用户提交修改过的URL来绕过访问限制,进行deleteAction攻击。 0 IBM Content Navigator 2.x 厂商补丁: IBM ----- IBM Content Navigator 2.0.2.2-ICN-FP002已经修复该漏洞,建议用户下载更新:...

3.5CVSS6.6AI score0.00142EPSS
Exploits1
NVD
NVDadded 2014/02/27 8:55 p.m.10 views

CVE-2014-0858

IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL...

3.5CVSS6AI score0.00142EPSS
Exploits1References2
Prion
Prionadded 2014/02/27 8:55 p.m.11 views

Design/Logic Flaw

IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL...

3.5CVSS6.5AI score0.00142EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2014/02/27 8:0 p.m.42 views

CVE-2014-0858

Summary: CVE-2014-0858 affects IBM Content Navigator 2.0.x prior to 2.0.2.2-ICN-FP002, where a non-admin user can bypass access controls and perform a deleteAction against the configuration database by modifying the URL. Root cause (as described): Improper authorization by non-admin user allowing...

3.5CVSS6.2AI score0.00142EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2014/02/27 8:0 p.m.18 views

CVE-2014-0858

IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL...

6AI score0.00142EPSS
Exploits1References2
Rows per page
Query Builder