Lucene search
+L

229 matches found

Github Security Blog
Github Security Blog
added 2025/02/21 11:53 p.m.8 views

Leantime has Missing Authorization Check for Host Parameter

Finding Description Application has functionality for a user to view profile information. It does not have an implemented authorization check for "Host" parameter which allows a user to view profile information of another user by replacing "Host" parameter. Impact By exploiting this vulnerability...

6.7AI score
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/21 11:53 p.m.1 views

GHSA-3HFJ-QCVJ-4HX8 Leantime has Missing Authorization Check for Host Parameter

Finding Description Application has functionality for a user to view profile information. It does not have an implemented authorization check for "Host" parameter which allows a user to view profile information of another user by replacing "Host" parameter. Impact By exploiting this vulnerability...

2.3CVSS6.7AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/13 2:14 a.m.4 views

CVE-2025-25241

Due to a missing authorization check, an attacker who is logged in to application can view/ delete �My Overtime Requests� which could allow the attacker to access employee information. This leads to low impact on confidentiality, integrity of the application. There is no impact on availability...

5.4CVSS6.7AI score0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/11 12:33 a.m.6 views

CVE-2025-23187 Missing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN)

Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an unauthenticated attacker could generate technical meta-data. This leads to a low impact on integrity. There is no impact on confidentiality or availability...

5.3CVSS5.5AI score0.00274EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 2:44 p.m.12 views

CVE-2020-6298

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

8.3CVSS6.8AI score0.00962EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.3 views

WordPress plugin WP-Chatbot for Messenger 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

5.4CVSS8.6AI score0.00579EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.4 views

WordPress plugin Instant CSS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

5.4CVSS8.5AI score0.00434EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.3 views

WordPress plugin Premmerce User Roles 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS7.2AI score0.00469EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.4 views

WordPress plugin CHP Ads Block Detector 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS4.8AI score0.00327EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.6 views

WordPress plugin Grid Plus 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.5AI score0.00429EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.6 views

WordPress plugin Post Hit Counter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

4.3CVSS8.7AI score0.0049EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.3 views

WordPress plugin WP Accessibility Helper 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

4.3CVSS8.5AI score0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.12 views

WordPress plugin eRoom – Zoom Meetings & Webinar 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS8.7AI score0.00552EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.5 views

WordPress plugin Photo Gallery by 10Web 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

4.3CVSS6.3AI score0.00498EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.2 views

WordPress plugin SiteOrigin Widgets Bundle 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS8.4AI score0.00592EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.4 views

WordPress plugin FluentForm 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS8.6AI score0.00461EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.5 views

WordPress plugin Video Gallery – YouTube Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin.... WordPress plugin Video...

7.5CVSS8.6AI score0.00805EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.6 views

WordPress plugin SAML SP Single Sign On 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

4.3CVSS8.5AI score0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.4 views

WordPress plugin Easyship WooCommerce Shipping Rates 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS8.1AI score0.00434EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.6 views

WordPress plugin Analytify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS8.6AI score0.00453EPSS
Exploits0References1
Rows per page
Query Builder