Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/01/14 2:36 p.m.26 views

CVE-2026-22237 Exposed Internal API Documentation Vulnerability in BLUVOYIX

The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the APIs exposed by the documentation. Successful exploitation of this vulnerability...

10CVSS0.00422EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.5 views

PT-2026-2860

The vulnerability exists in BLUVOYIX due to the exposure of sensitive internal API documentation. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the APIs exposed by the documentation. Successful exploitation of this vulnerability...

10CVSS6.9AI score0.00422EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/01/09 10:13 p.m.7 views

CVE-2022-3343 WPQA < 5.9.3 - Missing validation lead to functionality abuse

The WPQA Builder WordPress plugin before 5.9.3 which is a companion plugin used with Discy and Himer Discy WordPress themes incorrectly tries to validate that a user already follows another in the wpqafollowingyouajax action, allowing a user to inflate their score on the site by having another us...

3.9AI score0.00488EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2022/12/13 12:0 a.m.19 views

WPQA < 5.9.3 - Missing validation lead to functionality abuse

The plugin which is a companion plugin used with Discy and Himer themes incorrectly tries to validate that a user already follows another in the wpqafollowingyouajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them. PoC...

3.5CVSS1.4AI score0.00488EPSS
Exploits2Affected Software3
wpexploit
wpexploit
added 2022/12/13 12:0 a.m.387 views

WPQA < 5.9.3 - Missing validation lead to functionality abuse

The plugin which is a companion plugin used with Discy and Himer themes incorrectly tries to validate that a user already follows another in the wpqafollowingyouajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them...

3.5CVSS3.9AI score0.00488EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2022/04/14 3:15 p.m.3 views

CVE-2022-1256

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges through manipulation...

7.8CVSS7.1AI score0.0025EPSS
Exploits0References2
NVD
NVD
added 2020/09/17 5:15 p.m.10 views

CVE-2020-24046

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating...

9CVSS0.03408EPSS
Exploits1References4
Cvelist
Cvelist
added 2018/07/17 1:0 p.m.28 views

CVE-2018-6681 SB10244 - Network Security Management (NSM) - Abuse of Functionality vulnerability

Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management NSM 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface...

5.5CVSS5.6AI score0.00498EPSS
Exploits0References1
0day.today
0day.today
added 2012/12/15 12:0 a.m.24 views

WordPress RokBox Multiple Vulnerabilities

These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service, Arbitrary File Upload, Content Spoofing and Information Leakage vulnerabilities. Rokbox uses TimThumb 1.16 and JW Player 4.4.198, so some of vulnerabilities are related to plugin itself, some to...

7AI score
Exploits0
Rows per page
Query Builder