Lucene search
K

1773 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-43293

The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauthenticated attackers to perform SQL injection and extract arbitrary data from the database, including user password hashes...

8.6CVSS6.2AI score0.00177EPSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-12582

The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauthenticated attackers to perform SQL injection and extract arbitrary data from the database, including user password hashes...

8.6CVSS0.00177EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday18 views

CVE-2026-12582 Library Management System < 3.5.8 - Unauthenticated SQL Injection via book_id

The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauthenticated attackers to perform SQL injection and extract arbitrary data from the database, including user password hashes...

0.00177EPSS
Exploits0References1
Veracode
Veracode
added 4 days ago6 views

Improper Authorization

Leantime is vulnerable to Improper Authorization. The vulnerability is due to missing authorization checks in the Users::getUser JSON-RPC API, where authenticated users can retrieve sensitive credential data for arbitrary user accounts, allowing attackers to obtain password hashes, TOTP secrets,...

8.6CVSS6.2AI score0.0025EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-55208 Pimcore: SQL Injection via Column Name in DateFilter allows authenticated user to extract arbitrary database data including admin password hashes

Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user can extract the admin password hash and other database content through time-based blind SQL injection in the DateFilter column key parameter. The POST...

7.7CVSS0.00249EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-55208

Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user can extract the admin password hash and other database content through time-based blind SQL injection in the DateFilter column key parameter. The POST...

7.7CVSS6.1AI score0.00249EPSS
Exploits0References6Affected Software1
CVE
CVE
added 5 days ago9 views

CVE-2026-55208

Pimcore Studio Backend Bundle vulnerability (CVE-2026-55208): An authenticated user can exploit a time-based blind SQL injection in the DateFilter column key parameter. The POST /pimcore-studio/api/website-settings endpoint and other listing endpoints accept a columnFilters array where the key fi...

7.7CVSS6.1AI score0.00249EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-56808

Name of the Vulnerable Software and Affected Versions AcyMailing versions prior to 10.11.1 Description An unauthenticated SQL injection flaw exists in the AcyMailing component for Joomla. This issue allows a remote attacker to execute crafted SQL queries to gain unauthorized access to the databas...

9.2CVSS6.1AI score0.00263EPSS
Exploits1References6
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-12097 User Management <= 1.2 - Missing Authorization to Unauthenticated Plugin Settings Modification

The User Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify the plugin's...

5.3CVSS0.00255EPSS
Exploits0References5
NVD
NVD
added 2026/07/06 9:16 p.m.8 views

CVE-2026-59712

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS0.0025EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/06 8:43 p.m.38 views

CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS0.0025EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/06 8:43 p.m.6 views

EUVD-2026-41942

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:43 p.m.8 views

CVE-2026-59712

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6AI score0.0025EPSS
Exploits0References5
CVE
CVE
added 2026/07/06 8:43 p.m.17 views

CVE-2026-59712

According to the connected NVD records, CVE-2026-59712 affects Leantime’s JSON-RPC API via the Users::getUser method. The vulnerability arises from missing authorization checks, enabling authenticated users to call users.getUser with arbitrary user IDs and enumerate accounts. The outcome is expos...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/06 8:43 p.m.8 views

CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6AI score0.0025EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 8:43 p.m.3 views

CVE-2026-59712 Leantime - JSON-RPC API Broken Access Control via users.getUser

Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to...

8.6CVSS6.2AI score0.0025EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-56014

Name of the Vulnerable Software and Affected Versions Leantime affected versions not specified Description The Users::getUser function within the JSON-RPC API does not implement sufficient authorization checks. This allows authenticated users to retrieve complete user credential records by...

8.6CVSS6.2AI score0.0025EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 12:2 p.m.12 views

EUVD-2026-41753

An unauthenticated improper input validation vulnerability in the POST /fetchcvedata endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections...

9.2CVSS6.2AI score0.00349EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/05 12:2 p.m.5 views

CVE-2026-59509

An unauthenticated improper input validation vulnerability in the POST /fetchcvedata endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections...

9.2CVSS6.2AI score0.00349EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/05 12:2 p.m.36 views

CVE-2026-59509 Unauthenticated arbitrary MongoDB collection read in cve-search

An unauthenticated improper input validation vulnerability in the POST /fetchcvedata endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections...

9.2CVSS0.00349EPSS
Exploits0References2
Rows per page
Query Builder