Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/04/14 12:0 a.m.32 views

CVE-2026-38533

An improper authorization vulnerability in the /api/v1/users/id endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request...

0.00311EPSS
Exploits2References2
Snyk
Snyk
added 2026/03/24 2:33 a.m.10 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the pathfor function in DiskService. An attacker can read, write, or delete arbitrary files on the server by supplying blob keys containing path traversal sequences like ../. Note: In most cases, blob keys are...

9.8CVSS6.4AI score0.00567EPSS
Exploits0References2
0day.today
0day.today
added 2023/05/23 12:0 a.m.248 views

WordPress Backup Migration 1.2.8 Plugin - Unauthenticated Database Backup Vulnerability

Exploit Title: WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup Google Dork: intitle:"Index of /wp-content/plugins/backup-backup" AND inurl:"plugins/backup-backup/" Exploit Author: Wadeek Vendor Homepage: https://backupbliss.com/ Software Link:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/23 12:0 a.m.14 views

KISGB <= 5.1.1 (authenticate.php) Remote File Include Vulnerability

No description provided by source. KISGB Keep It Simple Guest Book defaultpathforthemes Remote File Include +class : Remote File Include Vulnerability + +download link : http://phpnuke-downloads.com/modules.php?name=Downloads&dop=nsgetit&cid=14&lid=156&type=urlget +Author : mdx +Files :...

7.1AI score
Exploits0
Rows per page
Query Builder