34 matches found

NVD
added 2026/05/26 4:16 p.m. · 10 views

CVE-2026-38587

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ONLYOFFICE DocSpace before 3.2.1. The flaw exists in multiple REST API endpoints. This allows authenticated users with low-level permissions (User or Guest) to retrieve sensitive information, such as the Owner's unique...

CVSS 4.3 · EPSS 0.00008
Exploits 0 · References 1
EUVD
added 2025/11/25 9:32 p.m. · 1 view

EUVD-2025-199638

Primakon Pi Portal 1.0.18 /api/v2/ppusers endpoint fails to adequately check user permissions before processing a PATCH request to modify the PPSECURITYPROFILEID. Because of weak access controls, any low-level user can use this API and change their permission to Administrator by using...

CVSS 8.8 · AI score 6.5 · EPSS 0.00052
Exploits 0 · References 3
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2021-11077

Malware in sbrugna...

CVSS 8.8 · AI score 8.4 · EPSS 0.00603
Exploits 2 · References 3
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2021-11193

Malware in sbrugna...

CVSS 6.5 · AI score 6.4 · EPSS 0.00256
Exploits 2 · References 3
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2021-33967

Malicious code in bioql PyPI...

CVSS 6.4 · AI score 5.8 · EPSS 0.00155
Exploits 0 · References 2
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2023-12341

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 8.4 · EPSS 0.007
Exploits 2 · References 1
RedhatCVE
added 2025/05/22 11:32 p.m. · 3 views

CVE-2022-1964

The Easy SVG Support WordPress plugin before 3.3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads...

CVSS 5.4 · AI score 5.9 · EPSS 0.0018
Exploits 2 · References 1
RedhatCVE
added 2025/05/22 6:23 p.m. · 8 views

CVE-2021-24279

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, low-level users, such as subscribers, could use the importfromdebug AJAX action to install any plugin from the WordPress repository...

CVSS 6.5 · AI score 6.7 · EPSS 0.00256
Exploits 2 · References 1
Prion
added 2023/12/26 7:15 p.m. · 9 views

SQL injection

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

CVSS 6.5 · AI score 7.8 · EPSS 0.00224
Exploits 2 · References 1 · Affected Software 1
Prion
added 2023/12/26 7:15 p.m. · 13 views

SQL injection

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

CVSS 6.5 · AI score 7.8 · EPSS 0.1104
Exploits 2 · References 1 · Affected Software 1
OSV
added 2023/06/22 5:15 p.m. · 0 views

CVE-2023-3256

Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files...

CVSS 8.1 · AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2023/06/22 12:00 a.m. · 2 views

PT-2023-3612 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet version 2.4.22. Description: The issue is related to incorrect external control of a file name or path, allowing a remote attacker to gain unauthorized access to local files by sending specially crafted HTTP requests. This c...

CVSS 9 · AI score 8 · EPSS 0.00088
Exploits 0 · References 7
Prion
added 2023/02/13 3:15 p.m. · 11 views

SQL injection

The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Subscriber...

CVSS 6.5 · AI score 8.9 · EPSS 0.32911
Exploits 2 · References 1 · Affected Software 1
WPVulnDB
added 2022/12/22 12:00 a.m. · 17 views

Font Awesome < 4.3.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. PoC Exploit shortcode: icon...

CVSS 5.4 · AI score 2.5 · EPSS 0.00198
Exploits 2 · Affected Software 1
Positive Technologies
added 2022/06/24 12:00 a.m. · 1 view

PT-2022-6871 · Ibm · Ibm Cognos Analytics

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics versions 11.1.7 through 11.2.1. Description: The issue is related to a lack of protection for service data in IBM Cognos Analytics, which could allow a low-level user to obtain sensitive information from the details of the...

CVSS 6.8 · AI score 5 · EPSS 0.00304
Exploits 0 · References 7
Prion
added 2022/03/07 9:15 a.m. · 12 views

SQL injection

The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the order and orderby parameters to the ajaxfetchreportlist action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protecti...

CVSS 6.5 · AI score 9 · EPSS 0.20235
Exploits 3 · References 1 · Affected Software 1
Huntr
added 2022/01/25 8:57 a.m. · 36 views

Improper Authorization in janeczku/calibre-web

Description: With default settings, low-level users will not have permission to edit the sort order of books in the private shelf of another user. However, due to incorrect checking, the application does not work as intended. Proof of Concept - Step 1: Login with admin account and go to...

CVSS 4 · EPSS 0.00134
Exploits 1
Huntr
added 2022/01/17 10:09 a.m. · 16 views

Improper Access Control in janeczku/calibre-web

Description: With default settings, low-level users will not have permission to create a new shelf with public mode. However, due to incorrect checking, the function does not work as intended. Steps To Reproduce - Step 1: Login with admin account and go to http://hostname:8083/admin/user/new. Create...

CVSS 4 · AI score 5.2 · EPSS 0.00134
Exploits 1
Prion
added 2021/09/27 4:15 p.m. · 10 views

Cross-site scripting

The CoolClock WordPress plugin before 4.3.5 does not escape some shortcode attributes, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVSS 3.5 · AI score 5.3 · EPSS 0.0018
Exploits 2 · References 1 · Affected Software 1
NVD
added 2021/07/07 1:15 p.m. · 9 views

CVE-2021-34627

A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators. This issue affects versions 2.2.3 and prior...

CVSS 4.3 · EPSS 0.00312
Exploits 0 · References 1