13 matches found
EUVD-2025-10986
Malicious code in bioql PyPI...
EUVD-2022-42790
Malicious code in bioql PyPI...
EUVD-2025-10910
Malicious code in bioql PyPI...
CVE-2023-6447
The EventPrime WordPress plugin before 3.3.6 lacks authentication and authorization, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id/event name...
CVE-2023-2796
The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventonicsdownload ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id...
CVE-2024-1295 The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access
The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc...
CVE-2024-1295 The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access
The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. e.g. password-protected events, drafts, etc...
WordPress The Events Calendar < 6.4.0.1 - Authenticated (Contributor+) Arbitrary Events Access vulnerability
Authenticated Contributor+ Arbitrary Events Access vulnerability discovered by Scott Kingsley Clark in WordPress Plugin The Events Calendar versions 6.4.0.1...
CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access
The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...
CVE-2024-1316 Event Tickets and Registration < 5.8.1 - Contributor+ Arbitrary Events Access
The Event Tickets and Registration WordPress plugin before 5.8.1, Events Tickets Plus WordPress plugin before 5.9.1 does not prevent users with at least the contributor role from leaking the existence of certain events they shouldn't have access to. e.g. draft, private, pending review,...
Amazon Sandbox Accounts for Events Access Control Error Vulnerability
Amazon Sandbox Accounts for Events is an application from Amazon.com, Inc. It allows multiple temporary AWS accounts to be provisioned to multiple authenticated users at the same time through a browser-based GUI. An access control error vulnerability exists in Amazon Sandbox Accounts for Events...
DHIS 2 安全漏洞
DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A security vulnerability exists in DHIS 2 Core versions prior to 2.36.13, prior to 2.37.8, and prior to 2.38.2, which stems from the fact that users may be able to...
GitLab 安全漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE that stems from an incorrect...