Lucene search
K

105362 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-37352

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'first name' parameter in all versions up to, and including, 5.5.0 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS6AI score0.00122EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-38254

Name of the Vulnerable Software and Affected Versions Masa CMS versions prior to 7.2.10 Masa CMS versions prior to 7.3.15 Masa CMS versions prior to 7.4.10 Masa CMS versions prior to 7.5.3 Description Improper handling of scheme-relative URLs allows for an open redirect. The application incorrect...

5.3CVSS5.8AI score0.00328EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.7 views

PT-2026-37351

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'booking form page url' parameter in all versions up to, and including, 5.5.0 due to insufficient input sanitization and output escaping. This makes it...

7.2CVSS6AI score0.0045EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37540

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the PCI endpoint component where the pci primary epc epf unlink and pci secondary epc epf unlink functions specify parameters in the wrong order. This contradicts the...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References17
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.30 views

Gotenberg 参数注入漏洞

Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg 8.30.1 and earlier contained a parameter injection vulnerability. This vulnerability stemmed from the fact that the metadata writing...

10CVSS5.9AI score0.00611EPSS
Exploits1References1
OSV
OSV
added 2026/05/05 10:19 p.m.6 views

GHSA-8CXW-CC62-Q28V ciguard: discover_pipeline_files follows symlinks out of scan root

Summary The discoverpipelinefiles function in src/ciguard/discovery.py introduced in v0.8.0 and used by the MCP scanrepo tool shipped in v0.8.1 walks a directory tree following symlinks, with cycle protection via tracking visited resolved paths. An attacker who can plant a symlink in a directory...

2.4CVSS5.8AI score0.00158EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/05 10:2 p.m.9 views

AVideo: Unauthenticated User Enumeration in objects/users.json.php via isCompany Parameter Allows Bypass of the Admin-Only Listing Restriction

Summary objects/users.json.php exposes two unauthenticated paths that disclose the full set of registered user accounts. The isCompany request parameter causes the handler to set $ignoreAdmin = true for any non-admin caller including unauthenticated visitors, which defeats the admin-only guard...

5.3CVSS5.8AI score0.0027EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/05 10:2 p.m.4 views

GHSA-6RVW-7P8V-MJFQ AVideo: Unauthenticated User Enumeration in objects/users.json.php via isCompany Parameter Allows Bypass of the Admin-Only Listing Restriction

Summary objects/users.json.php exposes two unauthenticated paths that disclose the full set of registered user accounts. The isCompany request parameter causes the handler to set $ignoreAdmin = true for any non-admin caller including unauthenticated visitors, which defeats the admin-only guard...

5.3CVSS5.8AI score0.0027EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/05 10:2 p.m.11 views

Missing Authentication for Critical Function

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the objects/users.json.php process. An attacker can retrieve sensitive user information, including user IDs, displa...

6.9CVSS5.8AI score0.0027EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/05 9:34 p.m.6 views

Directory Traversal

Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Directory Traversal via the FormFlash process when the sessionid parameter mapped to form-flash-id in POST requests is not properly sanitized...

9.3CVSS6.3AI score0.00521EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/05 9:31 p.m.7 views

EUVD-2026-27486

A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /urlmember.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and...

8.6CVSS7.5AI score0.04589EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/05 9:31 p.m.14 views

EUVD-2026-27430

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function urlruleasp of the file /urlrule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...

10CVSS7.5AI score0.0586EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/05 9:31 p.m.10 views

EUVD-2026-27426

Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitization or parameterization. As a result, attackers can inject arbitrary SQL expressions into the...

6AI score0.00367EPSS
Exploits1References3
EUVD
EUVD
added 2026/05/05 9:31 p.m.9 views

EUVD-2026-27432

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS7.8AI score0.01057EPSS
Exploits1References6
Snyk
Snyk
added 2026/05/05 9:18 p.m.7 views

Directory Traversal

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Directory Traversal via the setpackagedata function. An attacker can overwrite or create files in arbitrary directories by supplying crafted values to the...

8.1CVSS6.3AI score0.00395EPSS
Exploits1References3
OSV
OSV
added 2026/05/05 9:8 p.m.3 views

CLSA-2026-1777566580 openssl: Fix of CVE-2026-28390

CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.8 views

CVE-2026-7744

A vulnerability was found in CodeAstro Online Classroom 1.0. This affects an unknown function of the file /OnlineClassroom/addnewstudent. The manipulation of the argument fname results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.8 views

CVE-2026-41923

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...

9.3CVSS6.1AI score0.02615EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 8:16 p.m.6 views

CVE-2026-40331

Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, the unauthenticated JSON API accepts an altTable parameter that is stored via the setAltTable method without validation or sanitization. This...

9.3CVSS0.00317EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/05 8:11 p.m.9 views

Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()`

Summary MageProductAlertAddController::stockAction reads the uenc query parameter and passes it directly to $this-redirectUrl$backUrl without calling $this-isUrlInternal When the supplied productid does not match any catalog product, the server issues an unvalidated HTTP 302 redirect to whatever...

6.1CVSS6AI score0.00149EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder