Lucene search
K

11 matches found

CVE
CVE
added 2026/03/23 9:37 p.m.22 views

CVE-2026-32299

CVE-2026-32299 is linked to a GitHub Advisory for Connect CMS describing an improper authorization vulnerability in the page content retrieval feature. The issue could allow a third party to access contents and attachments of non-public pages due to insufficient authorization checks. Affected sof...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-23235

Malware in sbrugna...

4.3CVSS4.8AI score0.00933EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-25580

Malware in sbrugna...

7.7CVSS6.9AI score0.01062EPSS
Exploits0References4
NVD
NVD
added 2025/08/12 7:15 p.m.14 views

CVE-2025-52970

A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges o...

8.1CVSS0.1067EPSS
Exploits4References2
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.4 views

PT-2024-13465 · Decidim · Decidim

Name of the Vulnerable Software and Affected Versions: Decidim versions 0.23.0 through 0.27.4 Decidim versions 0.28.0 before the fix Description: Decidim is a participatory democracy framework. The CSRF authenticity token check is disabled for the questionnaire templates preview, which may allow...

5.7CVSS7.4AI score0.00313EPSS
Exploits0References15
CNVD
CNVD
added 2021/09/09 12:0 a.m.14 views

Misskey code issue vulnerability

Misskey is a micro-blogging platform, and a code issue vulnerability exists in Misskey due to a server-side request forgery vulnerability in the software's "upload from URL" and remote attachment handling. This could lead to the disclosure of non-public information on the intranet. No details of...

7.7CVSS1.5AI score0.01062EPSS
Exploits0References1
OSV
OSV
added 2021/09/07 7:15 p.m.17 views

CVE-2021-39195

Misskey is an open source, decentralized microblogging platform. In affected versions a Server-Side Request Forgery vulnerability exists in "Upload from URL" and remote attachment handling. This could result in the disclosure of non-public information within the internal network. This has been...

6.5CVSS6.5AI score
Exploits0References3
CNVD
CNVD
added 2021/03/16 12:0 a.m.17 views

MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 Information Disclosure Vulnerability

MB CONNECT LINE mymbCONNECT24 is an internal remote maintenance solution for virtual environments from the German company MB CONNECT LINE Mb Connect Line. MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 is vulnerable to an information disclosure. An attacker could use this vulnerability to obtain...

4.3CVSS2.4AI score0.00933EPSS
Exploits0References1
NVD
NVD
added 2021/02/16 4:15 p.m.23 views

CVE-2020-35568

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An incomplete filter applied to a database response allows an authenticated attacker to gain non-public information about other users and devices in the...

4.3CVSS0.00933EPSS
Exploits0References3
Prion
Prion
added 2021/02/16 4:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An incomplete filter applied to a database response allows an authenticated attacker to gain non-public information about other users and devices in the...

4CVSS5.6AI score0.00933EPSS
Exploits0References3Affected Software4
Hacker One
Hacker One
added 2017/01/21 2:36 p.m.22 views

LocalTapiola: SQL Injection on /webApp/viivanalle (viestinta.lahitapiola.fi)

Issue The reporter found a blind SQL Injection attack in an application in viestinta.lahitapiola.fi. Fix The issue was investigated and found to be valid. The fix was to remove the application as it was not needed. Reasoning The reported case was valid and within the scope of the bug bounty...

0.7AI score
Exploits0
Rows per page
Query Builder