Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/16 6:39 a.m.6 views

CVE-2026-47137

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. A remote attacker could bypass a security check designed to prevent the combination of nested environments and disabled module loading. This bypass occurs because a strict equality check for the require option can be...

10CVSS5.8AI score0.00382EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/07 6:19 p.m.3 views

CVE-2026-39346

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source allowed authenticated users to bypass disabled-module access controls via URL-encoded request paths and access functionality of modules disabled by an administrator. This vulnerability is fix...

5.3CVSS5.9AI score0.00153EPSS
Exploits0References2Affected Software1
Friends Of PHP
Friends Of PHP
added 2018/10/17 12:52 p.m.8 views

EZSA-2018-006 XSS vulnerability in 'disabled module' error template

More info at http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template...

7.2AI score
Exploits0Affected Software1
Drupal
Drupal
added 2013/11/20 12:0 a.m.19 views

SA-CONTRIB-2013-093 - Invitation - Access Bypass

The Invitation module restricts registration to users who have an invite code for running a private beta. The module provides default views that don't check access to views prior to displaying private information like usernames and email addresses. CVE identifiers issued CVE-2013-7063 Versions...

5CVSS6.3AI score0.01354EPSS
Exploits0References9
Rows per page
Query Builder