9 matches found

RedhatCVE
added 5 days ago, 5 views

CVE-2026-39327

ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /MemberRoleChange.php in ChurchCRM 7.0.5. Authenticated users with the role Manage Groups & Roles (ManageGroups) can inject arbitrary SQL statements through the NewRole...

8.8 CVSS, 5.7 AI score, 0.00039 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/04/07 5:31 p.m., 16 views

CVE-2026-39327 ChurchCRM has a SQL injection in MemberRoleChange.php

ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /MemberRoleChange.php in ChurchCRM 7.0.5. Authenticated users with the role Manage Groups & Roles (ManageGroups) can inject arbitrary SQL statements through the NewRole...

8.8 CVSS, 0.00039 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2026/04/07 3:49 p.m., 1 views

CVE-2026-35567

...

5.9 AI score, 0.00047 EPSS
Exploits: 0

Talos Blog
added 2026/03/11 10:0 a.m., 3 views

Spinning complex ideas into clear docs with Kri Dontje

Welcome back! This week, we're shining a spotlight on Kri Dontje, a technical writer who's become an essential voice in making Cisco Talos' work understandable for a wide audience. With a background in technical communications and a career that began at a small startup, Kri discusses the importan...

5.8 AI score
Exploits: 0

OSV
added 2024/03/06 11:8 a.m., 19 views

BIT-WILDFLY-2021-3536

A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity...

4.8 CVSS, 5.2 AI score, 0.00284 EPSS
Exploits: 0, References: 2

Github Security Blog
added 2022/05/13 1:12 a.m., 20 views

Statamic framework Incorrect Permission Assignment

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

8.8 CVSS, 6.8 AI score, 0.00203 EPSS
Exploits: 0, References: 2, Affected Software: 1

NVD
added 2021/05/20 1:15 p.m., 22 views

CVE-2021-3536

A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity...

4.8 CVSS, 0.00284 EPSS
Exploits: 0, References: 1

Cvelist
added 2017/07/24 12:0 p.m., 17 views

CVE-2017-11422

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

8.8 AI score, 0.00203 EPSS
Exploits: 0, References: 1

Prion
added 2017/06/07 1:29 p.m., 12 views

Design/Logic Flaw

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId/275 URI, while creating a new role, a list of database tables and their columns is available...

5 CVSS, 7.4 AI score, 0.08852 EPSS
Exploits: 3, References: 1, Affected Software: 1