17 matches found
CVE-2026-28782
Craft is a content management system (CMS). Prior to 5.9.0-beta.1 and 4.17.0-beta.1, the "Duplicate" entry action does not properly verify if the user has permission to perform this action on the specific target elements. Even with only "View Entries" permission where the "Duplicate" action is...
CVE-2026-28782
Craft is a content management system (CMS). Prior to 5.9.0-beta.1 and 4.17.0-beta.1, the "Duplicate" entry action does not properly verify if the user has permission to perform this action on the specific target elements. Even with only "View Entries" permission where the "Duplicate" action is...
CVE-2026-28782 Craft has a Permission Bypass and IDOR in Duplicate Entry Action
Craft is a content management system (CMS). Prior to 5.9.0-beta.1 and 4.17.0-beta.1, the "Duplicate" entry action does not properly verify if the user has permission to perform this action on the specific target elements. Even with only "View Entries" permission where the "Duplicate" action is...
GHSA-JXM3-PMM2-9GF6 Craft CMS has Permission Bypass and IDOR in Duplicate Entry Action
Description: The "Duplicate" entry action does not properly verify if the user has permission to perform this action on the specific target elements. Even with only "View Entries" permission where the "Duplicate" action is restricted in the UI, a user can bypass this restriction by sending a direc...
EUVD-2015-3308
Malware in sbrugna...
UBUNTU-CVE-2024-40995
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc. syzbot found hanging tasks waiting on rtnl_lock [1]. A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, t...
PT-2023-32463 · WordPress · Interactive Contact Form/Multi Step Form Builder With Drag & Drop Editor
Name of the Vulnerable Software and Affected Versions: The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor WordPress plugin versions prior to 3.4.2 Description: The issue concerns a lack of CSRF checks on certain form actions, such as deletion and duplication, which...
SUSE CVE-2014-5026
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...
SUSE CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider WordPress plugin allows attackers to trick authenticated users into unwanted slider duplicate or delete action...
DEBIAN-CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...
Design/Logic Flaw
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...
CVE-2015-3255
CVE-2015-3255 affects PolicyKit (polkit) before 0.113. The vulnerability in polkitbackend/polkitbackendactionpool.c (polkit_backend_action_pool_init) may allow local users to gain privileges via duplicate action IDs in action descriptions. Impact is local privilege escalation with partial confide...
CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...
UBUNTU-CVE-2015-3255
The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions...
DEBIAN-CVE-2014-5026
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...
UBUNTU-CVE-2014-5026
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; ...