406794 matches found
Masteriyo LMS <= 1.7.3 - Insecure Direct Object Reference
Authentication Bypass Using an Alternate Path or Channel vulnerability in Masteriyo Masteriyo - LMS. Unauth access to course progress.This issue affects Masteriyo - LMS: from n/a through 1.7.3. id: CVE-2024-33939 info: name: Masteriyo LMS = 1.7.3 - Insecure Direct Object Reference author:...
Apache CloudStack - SAML Signature Exclusion
The CloudStack SAML authentication disabled by default does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response...
KubePi JwtSigKey - Admin Authentication Bypass
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
WooCommerce Payments - Unauthorized Admin Access
An issue in WooCommerce Payments plugin for WordPress versions 5.6.1 and lower allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2023-1020 info: name: Steveas WP Live Chat Shoutbox = 1.4.2 - SQL...
LatePoint <= 5.0.11 - SQL Injection
The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL Injection in versions up to, and including, 5.0.11. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
Push Notification for Post and BuddyPress <= 1.93 - SQL Injection
Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignalexternalid' and 'onesignalgetsubscriptionoptionsid' paramters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficie...
PowerJob <=4.3.2 - Unauthenticated Access
PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface. id: CVE-2023-29923 info: name: PowerJob =4.3.2 - Unauthenticated Access author: For3stCo1d severity: medium description: | PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface. impact: ...
Arcserve Unified Data Protection - Authentication Bypass
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...
Korenix JetPort 5601v3 - Path Traversal
The pathname of the root directory to a Restricted Directory 'Path Traversal' vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601- through 1.2. id: CVE-2024-11303 info: name: Korenix JetPort 5601v3 - Path Traversal author: geeknik severity: high description...
WordPress < 4.8.2 - Authenticated Open Redirect
WordPress versions before 4.8.2 contain an open redirect caused by improper validation in wp-admin/edit-tag-form.php and wp-admin/user-edit.php, letting attackers redirect users to malicious sites, exploit requires access to admin interface. id: CVE-2017-14725 info: name: WordPress 4.8.2 -...
Episerver 7 - Blind XML External Entity Injection
Episerver 7 patch 4 and earlier contains an XML external entity XXE caused by processing crafted DTD in XML requests involving util/xmlrpc/Handler.ashx, letting remote attackers read arbitrary files, exploit requires sending malicious XML payloads. id: CVE-2017-17762 info: name: Episerver 7 - Bli...
FineCMS <5.0.9 - Open Redirect
FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2017-11586 info: name: FineCMS 5.0.9 - Open...
Scramble Laravel - Remote Code Execution
Scramble for Laravel = 0.13.2 and = 0.13.2 and 0.13.22 contains a remote code execution caused by evaluation of user-controlled input in validation rules during documentation generation, letting remote attackers execute arbitrary PHP code, exploit requires publicly accessible documentation...
Xerte Online Toolkits <= 3.15 - Remote Code Execution
Xerte Online Toolkits versions 3.15 and earlier expose the elFinder file manager connector at /editor/elfinder/php/connector.php without authentication CVE-2026-34413, because the access-control redirect for unauthenticated users does not call exit/die and execution continues server-side. This is...
Fortinet FortiSandbox - Command Injection
Fortinet FortiSandbox 4.4.0 through 4.4.8 contains a command injection caused by improper neutralization of special elements in OS commands, letting attackers execute unauthorized code or commands, exploit requires crafted input. id: CVE-2026-39808 info: name: Fortinet FortiSandbox - Command...
Apache Tomcat Tribes EncryptInterceptor Bypass - Remote Code Execution
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. id: CVE-2026-34486 info: name: Apache Tomcat Tribes EncryptInterceptor Bypass - Remote...
Umbraco <7.4.0- Server-Side Request Forgery
Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index. id: CVE-2015-8813 info: name: Umbraco 7.4.0- Server-Side Request...
LiteLLM - SQL Injection
LiteLLM 1.81.16 to 1.83.7 contains a SQL injection caused by improper handling of caller-supplied key in database query during proxy API key checks, letting unauthenticated attackers read and modify database data, exploit requires crafted Authorization header. id: CVE-2026-42208 info: name: LiteL...
Geo Mashup <= 1.13.17 - SQL Injection
Geo Mashup WordPress plugin = 1.13.17 contains a SQL injection caused by insufficient escaping of the 'sort' parameter, letting unauthenticated attackers extract sensitive database information remotely. id: CVE-2026-2416 info: name: Geo Mashup = 1.13.17 - SQL Injection author: Shivam Kamboj...