7 matches found

NVD
added 3 days ago | 7 views

CVE-2026-12515

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

CVSS 4.3 | EPSS 0.00197
Exploits: 0 | References: 3
EUVD
added 3 days ago | 5 views

EUVD-2026-37746

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

CVSS 4.3 | AI score 5.3 | EPSS 0.00197
Exploits: 0 | References: 3
CVE
added 3 days ago | 8 views

CVE-2026-12515

The CVE concerns Katello within Red Hat Satellite where content uploads lack proper authorization checks in the ContentUploadsController. The issue allows users with the edit_products permission to query whether specific content exists in repositories outside their authorized products, revealing ...

CVSS 4.3 | AI score 5.4 | EPSS 0.00197
Exploits: 0 | References: 3
OSV
added 2026/06/05 8:33 p.m. | 3 views

GHSA-H4MP-G9C6-XWPH Shopper: Missing authorization on Product admin Livewire sub-form components

Impact: Sub-form Livewire components used in the product editor (Edit, Inventory, Seo, Shipping, Files) had no authorization on their store method. Any authenticated panel user, regardless of role, could mutate any product's pricing, stock, SEO metadata, shipping dimensions, and attached media witho...

CVSS 6.5 | AI score 5.6 | EPSS 0.00221
Exploits: 0 | References: 4
OSV
added 2025/05/21 10:15 p.m. | 1 view

CVE-2025-5056

A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-products.php. The manipulation of the argument Category leads to SQL injection. The attack can be launched...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 5
CNNVD
added 2025/05/21 12:0 a.m. | 4 views

CampCodes Online Shopping Portal Injection Vulnerability

CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. An injection vulnerability exists in CampCodes Online Shopping Portal version 1.0, which stems from improper manipulation of the Category parameter in the file /admin/edit-products.php, which could lead to SQL...

CVSS 9.8 | AI score 7.8 | EPSS 0.00415
Exploits: 1 | References: 5
Cvelist
added 2004/06/03 4:0 a.m. | 23 views

CVE-2003-1042

SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name...

AI score 7.8 | EPSS 0.02572
Exploits: 0 | References: 5