CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/04/29 2:48 p.m.•4 views

CVE-2026-41464

ProjeQtor versions 7.0 through 12.4.3 contain a missing authorization vulnerability in the objectDetail.php endpoint that allows authenticated users with guest-level privileges to retrieve sensitive data belonging to other users including password hashes and API keys. Attackers can bypass access...

7.1CVSS5.3AI score0.00304EPSS

Exploits0References1

NVD•added 2026/04/27 4:16 p.m.•7 views

CVE-2026-41464

7.1CVSS0.00304EPSS

Exploits0References4

Vulnrichment•added 2026/04/27 3:10 p.m.•2 views

CVE-2026-41464 ProjeQtor < 12.4.4 Missing Authorization via objectDetail.php

7.1CVSS5.3AI score0.00304EPSS

Exploits0References4

EUVD•added 2026/04/27 3:10 p.m.•7 views

EUVD-2026-25867

7.1CVSS5.3AI score0.00304EPSS

Exploits0References4

Cvelist•added 2026/04/27 3:10 p.m.•27 views

CVE-2026-41464 ProjeQtor < 12.4.4 Missing Authorization via objectDetail.php

7.1CVSS0.00304EPSS

Exploits0References4

CVE•added 2026/04/27 3:10 p.m.•13 views

CVE-2026-41464

ProjeQtor versions 7.0–12.4.3 expose a missing authorization vulnerability in objectDetail.php. Authenticated users with guest-level privileges can access data belonging to other users (including password hashes and API keys) by directly hitting the endpoint without ownership or RBAC validation, ...

7.1CVSS5.3AI score0.00304EPSS

Exploits0References4

CNNVD•added 2026/04/27 12:0 a.m.•7 views

ProjeQtOr 安全漏洞

ProjeQtOr is a project management software developed by the French company ProjeQtOr. Versions 7.0 to 12.4.3 of ProjeQtOr contain security vulnerabilities. These vulnerabilities stem from a lack of authorization verification at the objectDetail.php endpoint, which may lead to the retrieval of...

7.1CVSS5.8AI score0.00304EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by