Lucene search
K

6 matches found

Snyk
Snyk
added 2026/05/29 10:7 p.m.10 views

Insertion of Sensitive Information into Log File

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the setCookie and start functions. An attacker can gain unauthorized access to...

6.7CVSS5.8AI score0.00015EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 10:1 p.m.10 views

Cross-site Request Forgery (CSRF)

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the enable process in modules/sso/clients.php when handling SAML or OIDC client state changes...

5.4CVSS5.8AI score0.00016EPSS
Exploits0References2
NVD
NVD
added 2026/05/22 10:16 p.m.16 views

CVE-2026-41076

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under certain LDAP server configurations, an attacker m...

8.1CVSS0.00392EPSS
Exploits0References3
NVD
NVD
added 2026/02/17 10:15 a.m.7 views

CVE-2026-1216

The RSS Aggregator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'template' parameter in all versions up to, and including, 5.0.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for unauthenticated...

7.2CVSS0.00236EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/17 8:19 a.m.13 views

CVE-2025-14375

The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 5.0.10 due to insufficient input sanitization and output escaping. This makes it...

6.1CVSS5.6AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2025/01/29 5:15 p.m.3 views

CVE-2023-37398

IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References1
Rows per page
Query Builder