Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/24 6:49 a.m.10 views

EUVD-2026-38714

The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2.11.4. This is due to a chain of three logic bugs: 1 an MD5 hash fallback in getdirectorybyhash that allows any post to be used as a member directory ...

8.8CVSS5.9AI score0.00499EPSS
Exploits0References10
Openbugbounty
Openbugbounty
added 2022/10/17 7:59 p.m.13 views

surgicaldirect.net Cross Site Scripting vulnerability OBB-3002174

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
OSV
OSV
added 2022/07/08 4:15 p.m.3 views

CVE-2022-35406

A URL disclosure issue was discovered in Burp Suite before 2022.6. If a user views a crafted response in the Repeater or Intruder, it may be incorrectly interpreted as a redirect...

4.3CVSS5.7AI score0.00678EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.13 views

The vulnerability in the web interface of the microprogramming software for Cisco Wireless LAN Controllers of the 5500 series allows a intruder to disclose protected information.

The vulnerability of the web interface of microprogramming software for Cisco Wireless LAN Controllers of the 5500 series arises from insufficient checking of entered URI addresses. Exploiting this vulnerability can allow a malicious actor to disclose protected information using a specially craft...

5.3CVSS5.5AI score0.02507EPSS
Exploits0References5
Rows per page
Query Builder