Lucene search
K

8 matches found

Patchstack
Patchstack
added 2026/06/17 4:52 p.m.6 views

WordPress Simple Membership plugin <= 4.7.5 - Missing Authorization to Unauthenticated Arbitrary Member Account Deactivation vulnerability

Missing Authorization to Unauthenticated Arbitrary Member Account Deactivation vulnerability discovered by Nikita Fenko - self in WordPress Plugin Simple Membership versions = 4.7.5...

5.3CVSS5.3AI score0.00352EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23555

Malware in sbrugna...

4.3CVSS4.8AI score0.00566EPSS
Exploits1References2
OSV
OSV
added 2021/09/23 11:18 p.m.9 views

GHSA-65P7-PJJ8-GGMR Member account takeover

Impact An error in the implementation of the member email change functionality allows unauthenticated users to change the email address of arbitrary member accounts to one they control by crafting a request to the relevant API endpoint, and validating the new address via magic link sent to the ne...

6.5CVSS7.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/06/03 9:15 p.m.2 views

CVE-2020-35972

An issue was discovered in YzmCMS V5.8. There is a CSRF vulnerability that can add member user accounts via member/member/add.html...

4.3CVSS5.4AI score0.00566EPSS
Exploits1References2
CNVD
CNVD
added 2018/04/24 12:0 a.m.5 views

WUZHI CMS Cross-Site Request Forgery Vulnerability (CNVD-2018-08547)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in index.php?m=member&v=pwreset in WUZHI CMS version 4.1.0. A remote attacker can exploit the vulnerability to...

8.8CVSS7AI score0.0248EPSS
Exploits5References1
CNVD
CNVD
added 2016/12/27 12:0 a.m.1 views

SQL Injection Vulnerability in YzmCMS /member/account.php Page

YzmCMS is a lightweight and open source content management system based on PHP+Mysql architecture, running on Linux, Windows, MacOSX, Solaris and other platforms. YzmCMS /member/account.php page has a SQL injection vulnerability. Because the /member/account.php page does not filter parameters, an...

7.8AI score
Exploits0
seebug.org
seebug.org
added 2014/04/17 12:0 a.m.56 views

方维O2O城市生活服务平台后门任意文件上传漏洞(官网演示getshell)

简要描述: 用户好像不太多,但基本都有这个后门文件 详细说明: 后门文件路径 /esfile.php 官网介绍 http://www.fanwe.com/o2o 前台演示地址:http://o2o.fanwe.net/ 会员账号:fanwe 密码:fanwe http://o2o.fanwe.net/index.php?ctl=uccenter 分享处上传图片马 F12去掉尺寸,得到图片马地址 http://o2o.fanwe.net/public/comment/201404/17/10/1acafed8eeffa043489a4321b877e36690.jpg Getshell...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/02/11 12:0 a.m.24 views

IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: IP.Gallery 4.2.x and 5.0.x persistent XSS vulnerability image title is vulnerable to persistent XSS vulnerability which allow any normal member to hack any administrator account or any other member account. we contacted the vend...

7.1AI score
Exploits0
Rows per page
Query Builder