Lucene search
K

12 matches found

NVD
NVD
added 2026/04/07 7:16 p.m.5 views

CVE-2026-39355

Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary non-personal teams to themselves. This enables complete takeover of other users’ team workspaces...

9.9CVSS0.00315EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/07 6:56 p.m.15 views

CVE-2026-39355 Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control)

Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary non-personal teams to themselves. This enables complete takeover of other users’ team workspaces...

9.9CVSS0.00315EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Genealogy 安全漏洞

Genealogy is a family tree PHP application developed by the creators of KREAWEB.be. Versions of Genealogy prior to 5.9.1 contained security vulnerabilities; these vulnerabilities stemmed from access control issues, which could allow arbitrary non-personal team ownership to be transferred...

9.9CVSS5.9AI score0.00315EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25150

Malicious code in bioql PyPI...

8CVSS7.9AI score0.00298EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25149

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00272EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/08/21 6:6 p.m.349 views

Exploit for CVE-2025-55287

CVE-2025-55287-POC Authenticated Stored Cross-Site Scripting...

8CVSS6.3AI score0.00298EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/08/20 5:33 p.m.12 views

CVE-2025-55287

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI...

8CVSS6.5AI score0.00298EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/18 4:57 p.m.3 views

CVE-2025-55288 Genealogy has a Reflected XSS Vulnerability

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and U...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/18 4:57 p.m.10 views

CVE-2025-55288 Genealogy has a Reflected XSS Vulnerability

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and U...

5.5CVSS0.00272EPSS
Exploits0References2
OSV
OSV
added 2025/08/18 4:57 p.m.5 views

CVE-2025-55288 Genealogy has a Reflected XSS Vulnerability

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and U...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/18 4:54 p.m.9 views

CVE-2025-55287 Genealogy has a stored XSS vulnerability

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI...

8CVSS0.00298EPSS
Exploits1References2
OSV
OSV
added 2025/08/18 4:54 p.m.6 views

CVE-2025-55287 Genealogy has a stored XSS vulnerability

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI...

8CVSS6.6AI score0.00298EPSS
Exploits1References4
Rows per page
Query Builder