Lucene search
K

8 matches found

CVE
CVE
added yesterday22 views

CVE-2026-55628

ImageMagick (CVE-2026-55628) is affected by a policy bypass in the -concatenate operation present in versions prior to 7.1.2-26he, due to missing security policy checks. This could allow reading and writing to paths disallowed by policy. The issue has been fixed in version 7.1.2-26he. Remediation...

5.5CVSS5.7AI score
Exploits0References1
Patchstack
Patchstack
added 2026/05/12 10:7 a.m.20 views

WordPress Eight Day Week Print Workflow plugin <= 1.2.6 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by Loganatha Vishnubalaji in WordPress Plugin Eight Day Week Print Workflow versions = 1.2.6...

6.5CVSS5.9AI score0.00241EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:48 a.m.6 views

CVE-2026-5028

The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the pp-get-articles AJAX action in all versions up to, and including, 1.2.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficie...

6.5CVSS5.9AI score0.00241EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/12 7:48 a.m.32 views

CVE-2026-5028 Eight Day Week Print Workflow <= 1.2.6 - Authenticated (Subscriber+) SQL Injection via 'title' Parameter

The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the pp-get-articles AJAX action in all versions up to, and including, 1.2.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficie...

6.5CVSS5.9AI score0.00241EPSS
Exploits0References3
OSV
OSV
added 2026/01/02 9:15 a.m.6 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS3.5AI score
Exploits0References8
Circl
Circl
added 2025/09/06 7:50 p.m.12 views

CVE-2021-26377

creationtimestamp| type| source ---|---|--- 2025-09-06 19:50:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly6x4rmaal2p...

4.1CVSS4.8AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/21 12:0 a.m.5 views

Dell Vnx2 Oe For File 操作系统命令注入漏洞

Dell Vnx2 Oe For File is an operating environment from Dell USA. A remote code execution vulnerability exists in Dell Vnx2 Oe For File version 8.1.21.266 and earlier. An attacker could exploit this vulnerability to execute commands on the system...

9CVSS8.1AI score0.02812EPSS
Exploits0References4
CNVD
CNVD
added 2020/09/17 12:0 a.m.5 views

Unspecified Vulnerability in CloudBees Jenkins Repository Connector Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Repository Connector Plugin is used in one of...

5.3CVSS6.8AI score0.00614EPSS
Exploits0References1
Rows per page
Query Builder