36096 matches found
MINI-87PW-F7C2-QGJG
Bulletin has no description...
MINI-3J89-RWX6-3W74
Bulletin has no description...
MINI-3FXX-H57F-PWHQ
Bulletin has no description...
MINI-4477-934Q-RF24
Bulletin has no description...
MINI-H89H-8XMH-JWPP
Bulletin has no description...
MINI-8WVX-RVJG-9QXV
Bulletin has no description...
MINI-F8M9-9FXW-66JR
Bulletin has no description...
MINI-495G-8688-HXJP
Bulletin has no description...
MINI-5274-2Q96-MV47
Bulletin has no description...
MINI-XCM9-PXRR-3QQ6
Bulletin has no description...
WordPress SP Project & Document Manager plugin <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability
Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability discovered by Namdn - Vncsglobal in WordPress Plugin SP Project & Document Manager versions = 4.71...
CGA-MF9G-2RQJ-5768
Bulletin has no description...
MINI-HMXX-P9XC-4Q59
Bulletin has no description...
CVE-2026-10737 SP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() Function
The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the viewfile function in all versions up to, and including, 4.71. This makes it possible for unauthenticated attackers to read file metadata and obtain download links f...
CVE-2026-10737 SP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() Function
The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the viewfile function in all versions up to, and including, 4.71. This makes it possible for unauthenticated attackers to read file metadata and obtain download links f...
CVE-2026-10737
The SP Project & Document Manager plugin for WordPress is affected up to version 4.71 by an access control flaw in view_file that allows unauthenticated attackers to read file metadata and obtain download links for files stored in project folders. The authorization gate uses a negated nonce check...
CVE-2026-45282
A flaw was found in Nextcloud Server. An authenticated attacker, by knowing a share token and a document ID, could access attachments of link shares. This circumvents password protection or download restrictions, leading to the disclosure of sensitive information from attachments. Mitigation...
CVE-2025-65640
The CVE-2025-65640 issue affects Arket Globe Document Intelligence 5.0.0.559 (Task in Progress / Recent page). It is a Cross Site Scripting (XSS) vulnerability caused by improper sanitization/escaping of user input in text fields when creating a new document, allowing injected JavaScript to run i...
PT-2026-46312
Name of the Vulnerable Software and Affected Versions Arket Globe Document Intelligence version 5.0.0.559 Description Cross Site Scripting XSS occurs in the "Task in Progress / Recent" page due to improper sanitization of user input in text fields during the creation of a new document. An...
CVE-2025-65640
Cross Site Scripting XSS vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript cod...