Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 5 days ago8 views

CVE-2026-42070

Mantis Bug Tracker MantisBT is an open source issue tracker. Prior to 2.28.2, the mcissueupdate function in MantisBT allows users having updatebugthreshold access UPDATER, with default settings to edit, change view state, and modify time tracking on bugnotes belonging to other users — bypassing t...

5.3CVSS5.8AI score0.00043EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/28 12:0 a.m.6 views

Mantis Bug Tracker 安全漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.2 contained a security vulnerability. This vulnerability stemmed from the mcissueupdate function, which allowed users with the updatebugthreshold permission to...

5.3CVSS5.8AI score0.00043EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/13 4:26 a.m.5 views

CVE-2026-7619

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 1.8.10.4 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS5.9AI score0.00036EPSS
Exploits0References9
CVE
CVEadded 2026/05/13 4:26 a.m.9 views

CVE-2026-7619

The CVE-2026-7619 entry details an authenticated SQL Injection in the Charitable WordPress plugin (

6.5CVSS5.9AI score0.00036EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2025/12/05 12:0 a.m.2 views

PT-2025-49299

Name of the Vulnerable Software and Affected Versions Nextcloud Deck versions prior to 1.14.6 Nextcloud Deck versions prior to 1.15.2 Description Nextcloud Deck is a kanban style organization tool for personal and team project management integrated with Nextcloud. A flaw in the permission logic...

5.4CVSS6.3AI score0.00019EPSS
Exploits0References10
RedhatCVE
RedhatCVEadded 2025/05/23 5:41 a.m.4 views

CVE-2023-0479

The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability...

6.1CVSS6.4AI score0.00246EPSS
Exploits2References1
Positive Technologies
Positive Technologiesadded 2023/05/12 12:0 a.m.3 views

PT-2023-19939 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue allows a user with permissions to edit other users and to create personal access tokens to elevate their privileges to system admin. Recommendations: At the moment, there is no...

8.8CVSS8.5AI score0.0025EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2021/10/15 12:0 a.m.2 views

PT-2021-23574 · Unknown · Shinher Studyonline System

Name of the Vulnerable Software and Affected Versions: ShinHer StudyOnline System affected versions not specified Description: The issue concerns the "Study Edit" function, which lacks proper permission control. This allows remote attackers to access and edit other users' tutorial schedules by...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References3
Rows per page
Query Builder