Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2108

Malware in sbrugna...

7.1CVSS6AI score0.00604EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54605

Malicious code in bioql PyPI...

5.1CVSS6.3AI score0.00103EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/30 4:47 p.m.23 views

CVE-2024-47056

SummaryThis advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible via a web browser. This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system...

5.1CVSS6.7AI score0.00103EPSS
Exploits0References1
OSV
OSV
added 2025/05/28 5:38 p.m.2 views

GHSA-VPH5-GHQ3-Q782 Mautic segment cloning doesn't have a proper permission check

Summary This advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. This vulnerability allows any authenticated user to clone segments without proper authorization checks. Insecure Direct Object Reference IDOR / Missing Authorization: A missing...

4.3CVSS6.8AI score0.00211EPSS
Exploits0References3
CVE
CVE
added 2025/05/28 5:34 p.m.49 views

CVE-2024-47055

CVE-2024-47055 concerns Mautic where the cloneAction in the segment management exposes a Missing Authorization vulnerability (IDOR). An authenticated user can clone segments without proper permission checks, bypassing access controls. The root cause is insufficient authorization in the cloneActio...

4.3CVSS4.5AI score0.00211EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/28 5:34 p.m.15 views

CVE-2024-47055 Segment cloning doesn't have a proper permission check

SummaryThis advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. This vulnerability allows any authenticated user to clone segments without proper authorization checks. Insecure Direct Object Reference IDOR / Missing Authorization: A missing...

4.3CVSS0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/28 4:17 p.m.24 views

CVE-2025-5257 Predictable Page Indexing Might Lead to Sensitive Data Exposure

SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information. Unauthorized Access to...

6.5CVSS0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/30 3:55 p.m.53 views

CVE-2021-27913 Use of a Broken or Risky Cryptographic Algorithm

The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under...

3.5CVSS4.3AI score0.00458EPSS
Exploits1References1
Rows per page
Query Builder