Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/02/27 4:13 a.m.4 views

CVE-2026-2356

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2 via the 'registermember' function, due to missing validation on the 'memberid' user...

5.3CVSS5.5AI score0.00055EPSS
Exploits0References1
NVD
NVDadded 2026/02/26 3:16 a.m.5 views

CVE-2026-2356

The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2 via the 'registermember' function, due to missing validation on the 'memberid' user...

5.3CVSS0.00055EPSS
Exploits0References2
NVD
NVDadded 2025/12/08 3:16 a.m.1 views

CVE-2025-14210

A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /deletemember.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...

9.8CVSS0.00031EPSS
Exploits1References4
OSV
OSVadded 2023/08/31 12:30 a.m.12 views

GHSA-7422-7RQ6-J4QV Badaso vulnerable to cross-site scripting

Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function...

5.4CVSS5.6AI score0.00405EPSS
Exploits1References4
OSV
OSVadded 2023/08/30 10:15 p.m.11 views

CVE-2023-38970

Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function...

5.4CVSS7.4AI score
Exploits0References2
Prion
Prionadded 2023/08/30 10:15 p.m.11 views

Cross site scripting

Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function...

4.9CVSS5.7AI score0.00405EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2023/08/30 12:0 a.m.1 views

Badaso 跨站脚本漏洞

Badaso is an open source Laravel Vue headless CMS from Uasoft Open Source. A cross-site scripting vulnerability exists in Badaso versions v.0.0.1 through v.2.9.7, which stems from a vulnerability that allows remote attackers to execute arbitrary code via a crafted payload on the Name of membe...

5.4CVSS6AI score0.00405EPSS
Exploits1References3
securityvulns
securityvulnsadded 2005/03/22 12:0 a.m.36 views

-==CoolForum Path Disclosure & Possible SQL Injection==-

/ -------------------------------------------------------- Neo Security Team NST® - Advisory 11 - 20/03/05 -------------------------------------------------------- Program: CoolForum Homepage: http://coolforum.net/ Vulnerable Versions: CoolForum v.0.8.1 beta & Lowers Risk: Low!! Impact: Path...

7.4AI score
Exploits0
Rows per page
Query Builder