Lucene search

5 matches found

Debian CVE
added 2026/06/17 5:50 p.m. | 5 views

CVE-2026-48818

Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. An UNC path such as \attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s...

7.5 CVSS | 5.3 AI score | 0.00368 EPSS
Exploits: 0
ATTACKERKB
added 2026/03/10 5:27 p.m. | 4 views

CVE-2026-30969

Coral Server is open collaboration infrastructure that enables communication, coordination, trust and payments for The Internet of Agents. Prior to 1.1.0, Coral Server did not enforce strong authentication between agents and the server within an active session. This could allow an attacker who...

7.6 CVSS | 5.8 AI score | 0.00381 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Patchstack
added 2024/10/29 12:0 a.m. | 20 views

WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload

Software: FileOrganizer; Type: Plugin; Vulnerable versions: = 1.0.9; Fixed in: 1.1.0; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-7985; Patch priority: High; CVSS severity: High 7.5; Developer: Claim ownership; PSID: 9a28a4363098; Credits: TANG Cheuk Hei siunam; Required privilege...

8.8 CVSS | 6.8 AI score | 0.02235 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
Patchstack
added 2024/08/29 12:0 a.m. | 21 views

WordPress Taxi Booking Manager for WooCommerce Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software: Taxi Booking Manager for WooCommerce; Type: Plugin; Vulnerable versions: = 1.0.9; Fixed in: 1.1.0; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting XSS; CVE: CVE-2024-43986; Patch priority: Low; CVSS severity: Low 5.9; Developer: Claim ownership; PSID: cd7a0b805b0e; Credits: Sharanabasappa...

5.9 CVSS | 6.6 AI score | 0.00262 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Patchstack
added 2024/07/03 12:0 a.m. | 3 views

WordPress Contact Form by TotalForm Plugin <= 1.0.0 is vulnerable to Backdoor

Software: Contact Form by TotalForm; Type: Plugin; Vulnerable versions: = 1.0.0; Fixed in: 1.1.0; OWASP Top 10: A3: Injection; Classification: Backdoor; CVE: N/A; Patch priority: Low; CVSS severity: Low 5.3; Developer: Claim ownership; PSID: 0dad1dc6ec75; Credits: Sansec.io; Required privilege: Unauthenticated; Published ...

7.2 AI score
Exploits: 0 | References: 3 | Affected Software: 1