Lucene search
+L

229 matches found

CNNVD
CNNVD
added 2022/08/06 12:0 a.m.3 views

WordPress plugin Sunshine Photo Cart 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

5.4CVSS5.5AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/03 12:0 a.m.6 views

WordPress plugin Depicter Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS8.3AI score0.00518EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/01/27 12:0 a.m.4 views

PT-2022-12234

Name of the Vulnerable Software and Affected Versions Single Connect affected versions not specified Description The issue arises from the lack of an authorization check in the sc-reports-ui module, allowing a remote attacker to access the device configuration page and export data to an external...

8.6CVSS7.3AI score0.01367EPSS
Exploits0References7
OSV
OSV
added 2022/01/24 8:15 a.m.4 views

CVE-2021-24906

The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin and therefore the protection offered via a crafted request...

7.5CVSS5.8AI score0.01489EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2021/07/27 12:0 a.m.44 views

SAP NetWeaver AS Missing Authorization Check (3059446)

A missing authorization check vulnerability exists in the Administration Workset of the SAP NetWeaver Guided Procedures versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50. An authenticated, remote attacker can exploit this, to escalate privileges and allow an unauthorized user the ability to...

8.8CVSS7.7AI score0.00732EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/01/14 10:35 p.m.27 views

CVE-2020-27220

The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configure...

8.8AI score0.01147EPSS
Exploits0References1
NVD
NVD
added 2020/11/10 5:15 p.m.33 views

CVE-2020-6316

SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check...

4.3CVSS4.6AI score0.00806EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/10 4:11 p.m.37 views

CVE-2020-6316

SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check...

4.3CVSS4.6AI score0.00806EPSS
Exploits0References2
OSV
OSV
added 2020/08/12 2:15 p.m.3 views

CVE-2020-6301

SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...

8.1CVSS7.3AI score0.00709EPSS
Exploits0References2
NVD
NVD
added 2020/08/12 2:15 p.m.20 views

CVE-2020-6298

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

8.3CVSS8.1AI score0.00962EPSS
Exploits0References2
OSV
OSV
added 2020/08/12 2:15 p.m.4 views

CVE-2020-6298

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

8.1CVSS7.3AI score0.00962EPSS
Exploits0References2
NVD
NVD
added 2020/08/12 2:15 p.m.13 views

CVE-2020-6301

SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...

8.1CVSS6.4AI score0.00709EPSS
Exploits0References2
Prion
Prion
added 2020/08/12 2:15 p.m.18 views

Authorization

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

5.5CVSS7.9AI score0.00962EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/08/12 2:15 p.m.14 views

Authorization

SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...

5.5CVSS8AI score0.00709EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/08/12 2:15 p.m.17 views

Authorization

SAP S/4 HANA Fiori UI for General Ledger Accounting, versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check...

4CVSS4.7AI score0.0056EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/08/12 1:50 p.m.38 views

CVE-2020-6301

SAP ERP (HCM Travel Management) versions 600–608 are affected by an access control vulnerability: an authenticated but unauthorized user can read, modify, and settle trips due to a missing authorization check. This leads to privilege escalation. The available connected documents confirm the affec...

8.1CVSS8AI score0.00709EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/12 1:50 p.m.19 views

CVE-2020-6301

SAP ERP HCM Travel Management, versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check...

5.4CVSS8.2AI score0.00709EPSS
Exploits0References2
CVE
CVE
added 2020/08/12 1:41 p.m.47 views

CVE-2020-6298

CVE-2020-6298 affects SAP Banking Services (Generic Market Data) versions 400, 450, and 500. The root cause is a missing authorization check that lets an unauthorized user display protected Business Partner Generic Market Data (GMD) and alter related GMD key figure values, impacting confidentiali...

8.3CVSS7.9AI score0.00962EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/12 1:41 p.m.27 views

CVE-2020-6298

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...

8.3CVSS8AI score0.00962EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/08/12 1:19 p.m.14 views

CVE-2020-6273

SAP S/4 HANA Fiori UI for General Ledger Accounting, versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check...

4.3CVSS4.6AI score0.0056EPSS
Exploits0References2
Rows per page
Query Builder