Lucene search
K

15 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/16 9:59 p.m.3 views

CVE-2026-40249

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

6.9CVSS6AI score0.00321EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2026/03/18 1:5 p.m.5 views

WordPress WPVulnerability plugin <= 4.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WPVulnerability versions = 4.2.1...

6.5CVSS5.8AI score0.00363EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.3 views

CVE-2025-67993 WordPress Atarim plugin <= 4.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through = 4.2.1...

6.5CVSS5.3AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/17 6:33 p.m.8 views

CVE-2025-34282 ThingsBoard < v4.2.1 SVG Image SSRF

ThingsBoard versions 4.2.1 contain a server-side request forgery SSRF vulnerability in the dashboard's Image Upload Gallery feature. An attacker can upload a malicious SVG file that references a remote URL. If the server processes the SVG file in a way that parses external references, it may...

6.9CVSS0.01658EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 p.m.17 views

CVE-2021-41947

A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode...

7.2CVSS7.9AI score0.0114EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:46 p.m.9 views

CVE-2020-18325

Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...

6.1CVSS5.9AI score0.02147EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:27 p.m.11 views

CVE-2020-28849

Cross Site Scripting XSS vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module...

5.4CVSS6.4AI score0.00411EPSS
Exploits1
NVD
NVD
added 2025/03/31 1:15 p.m.7 views

CVE-2025-31601

Cross-Site Request Forgery CSRF vulnerability in appointy Appointy Appointment Scheduler appointy-appointment-scheduler allows Cross Site Request Forgery.This issue affects Appointy Appointment Scheduler: from n/a through = 4.2.1...

6.5CVSS0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

WordPress plugin miniorange otp verification 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8.7AI score0.00328EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/10 6:24 a.m.7 views

WordPress Smash Balloon Social Post Feed plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Smash Balloon Social Post Feed versions = 4.2.1...

4.3CVSS7AI score0.002EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2023/10/18 10:50 p.m.3 views

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime via the AuthenticationService. A cached token persists after the lifetime of the request due to an improper implementation of relations between ITokens and IUsers. An attacker can cau...

5.3CVSS6.9AI score0.00449EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.4 views

Subrion CMS跨站脚本漏洞

Subrion CMS is a PHP-based content management system CMS from the Subrion team. The system can be integrated into websites and supports a variety of extensions plugins and more. A cross-site scripting vulnerability exists in Subrion version 4.2.1, which can be triggered by an attacker via a heade...

6.1CVSS5.9AI score0.00641EPSS
Exploits1References2
CNVD
CNVD
added 2017/10/18 12:0 a.m.0 views

Unspecified Vulnerability in Oracle Hospitality Guest Access (CNVD-2017-31510)

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. The solution provides human resources cost management, provide customers with the entire journey of service tracking management to improve custome...

5.3CVSS5.8AI score0.01226EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.5 views

Unspecified Vulnerability in Oracle Hospitality e7

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle Corporation. hospitality e7 is a single point component of this. A security vulnerability exists in the Other subcomponent of the Hospitality e7 component of...

4.3CVSS6.7AI score0.01389EPSS
Exploits0References1
OSV
OSV
added 2017/04/21 2:59 p.m.2 views

CVE-2016-1194

Cybozu Garoon before 4.2.1 allows remote attackers to cause a denial of service...

6.5CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder