Lucene search
K

6 matches found

OSV
OSV
added 2025/08/25 9:15 p.m.6 views

CVE-2025-57805 The Scratch Channel's Publish Articles POST Request Can Upload Articles Without Validation

The Scratch Channel is a news website. In versions 1 and 1.1, a POST request to the endpoint used to publish articles, can be used to post an article in any category with any date, regardless of who's logged in. This issue has been patched in version 1.2...

8.7CVSS6.8AI score0.003EPSS
Exploits0References3
OSV
OSV
added 2021/10/08 4:15 p.m.4 views

CVE-2021-41976

Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers can use the function to amend the folder names in the book list without logging in...

5.3CVSS6.1AI score0.00999EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/10/08 2:53 p.m.3 views

CVE-2021-41564

Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in...

6.5CVSS6.6AI score0.00999EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/19 12:0 a.m.4 views

LearningDigital Orca HCM digital learning platform 路径遍历漏洞

The LearningDigital Orca HCM digital learning platform is a digital learning platform from China-based LearningDigital. The Orca HCM digital learning platform suffers from a Path Traversal vulnerability that arises from the platform's directory page parameters not filtering special characters. A...

5.3CVSS5.9AI score0.01318EPSS
Exploits0References3
CNVD
CNVD
added 2018/02/24 12:0 a.m.4 views

TrendNET Router Device Information Disclosure Vulnerability

TEW-751DR\TEW-752DRU\TEW-733GR is a router product from TrendNET Trends. An information disclosure vulnerability exists in TrendNET router devices, which can be exploited by an attacker to obtain the admin user password without logging in...

7.5CVSS6.4AI score0.02068EPSS
Exploits1References1
CNVD
CNVD
added 2017/04/13 12:0 a.m.2 views

PHPCMS WAP module arbitrary file download vulnerability

PHPCMS is a website management software. The software is developed in a modular way and supports a variety of classification methods. Using it makes it easy to design, develop and maintain a personalized website. An arbitrary file download vulnerability exists in the PHPCMS WAP module, which can ...

7.1AI score
Exploits0References1
Rows per page
Query Builder