Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/03/21 3:27 a.m.28 views

CVE-2026-2720 Hr Press Lite <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Employee Information Exposure

The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing capability check on the hrp-fetch-employees AJAX action in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level...

6.5CVSS0.00231EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/16 10:11 a.m.4 views

CVE-2026-3021

Non-relational SQL injection vulnerability NoSQLi in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.3 views

PT-2026-25670

Non-relational SQL injection vulnerability NoSQLi in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 4:27 a.m.25 views

CVE-2025-11758

CVE-2025-11758 : All in One Time Clock Lite (WordPress)

6.5CVSS5AI score0.00249EPSS
Exploits0References5
CVE
CVE
added 2025/10/13 9:33 p.m.12 views

CVE-2025-62362

CVE-2025-62362 affects gpp-burgerportaal, a Dutch government citizen portal. In versions prior to 2.0.3, 3.0.2, and 4.0.1, the name and email address of employees who publish content are exposed in network responses and can be discovered via browser developer tools. This is an information disclos...

6.9CVSS5.9AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.13 views

SAP ERP HCM和SAP S/4HANA 安全漏洞

SAP ERP HCM and SAP S/4HANA are both products of SAP, an enterprise human resource management solution, and SAP S/4HANA, an enterprise resource management software based on the SAP HANA in-memory database system. SAP ERP HCM and SAP S/4HANA have an authorization issue vulnerability that stems fro...

5.8CVSS6.3AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/10 12:0 a.m.2 views

SAP Fiori 安全漏洞

SAP Fiori, a user experience UX design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, delivering a consistent, innovative experience for creators and users. A security...

5.4CVSS6.2AI score0.00213EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/02/21 10:13 a.m.3 views

Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its "cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information."...

7.1AI score
Exploits0
OSV
OSV
added 2020/03/25 6:15 p.m.4 views

CVE-2019-18626

Harris Ormed Self Service before 2019.1.4 allows an authenticated user to view W-2 forms belonging to other users via an arbitrary empNo value to the ORMEDMIS/Data/PY/T4W2Service.svc/RetrieveW2EntriesForEmployee URI, thus exposing sensitive information including employee tax information, social...

4.3CVSS5.9AI score0.00617EPSS
Exploits0References1
Rows per page
Query Builder