Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-34625

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00558EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-50572

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00475EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:16 a.m.11 views

CVE-2024-36682

In the module "Theme settings" pkthemesettings = 1.8.8 from Promokit.eu for PrestaShop, a guest can download all email collected while SHOP is in maintenance mode. Due to a lack of permissions control, a guest can access the txt file which collect email when maintenance is enable which can lead t...

7.5CVSS6.8AI score0.00379EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:57 a.m.10 views

CVE-2023-46352

In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" facebookconversiontrackingplus up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from...

7.5CVSS6.6AI score0.00475EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/12/17 4:24 p.m.15 views

5 million payment card details stolen in painful reminder to monitor Christmas spending

Another day, another exposed S3 bucket. This time, 5 million US credit cards and personal details were leaked online. The Leakd.com security team discovered that 5 terabytes of sensitive screenshots were exposed in a freely accessible Amazon S3 bucket. An S3 bucket is like a virtual file folder i...

7.4AI score
Exploits0
Prion
Prion
added 2023/11/02 10:15 p.m.18 views

Design/Logic Flaw

In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" facebookconversiontrackingplus up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from...

5CVSS7.4AI score0.00475EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/05/16 12:0 a.m.40 views

CVE-2023-30281

The CVE-2023-30281 entry affects Store Commander for PrestaShop, specifically scquickaccounting versions prior to 3.7.3. The underlying issue is insecure permissions that fail to restrict access to exports, allowing a guest to access data that is exported by the module. The practical impact state...

7.5CVSS6.3AI score0.00474EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/16 12:0 a.m.10 views

CVE-2023-30281

Insecure permissions vulnerability was discovered, due to a lack of permissions’s control in scquickaccounting before v3.7.3 from Store Commander for PrestaShop, a guest can access exports from the module which can lead to leak of personnal informations from pscustomer table sush as name / surnam...

6.4AI score0.00474EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.21 views

CVE-2023-30282

PrestaShop scexportcustomers = 3.6.1 is vulnerable to Incorrect Access Control. Due to a lack of permissions' control, a guest can access exports from the module which can lead to leak of personal information from customer table...

7.5AI score0.0056EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.10 views

CVE-2023-30282

PrestaShop scexportcustomers = 3.6.1 is vulnerable to Incorrect Access Control. Due to a lack of permissions' control, a guest can access exports from the module which can lead to leak of personal information from customer table...

7.4AI score0.0056EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/04/11 8:57 a.m.16 views

U.S. Dept Of Defense: Members Personal Information Leak Due to IDOR

Summary https://██████ allows anyone to sign up and view other members profile. According to wikipedia, ███████ is part of US DoD "████████": ██████ I signed up with a regular account and noticed that by referencing users ████, I can send thousands of "█████████" and also, using another end-point...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/31 12:0 a.m.29 views

Fedora 17 : moodle-2.2.11-1.fc17 (2013-13252)

Latest upstream release for this branch. Correct unbundling of php-pear-HTML-Quickform. Fix for: MSA-13-0025: XSS vulnerability in YUI library MSA-13-0026: Personal information leak in IMS-LTI CVE-2013-2242 MSA-13-0027: Access issue in Chat module CVE-2013-2243 MSA-13-0028: Answer information...

4.3CVSS5.3AI score0.01406EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2013/07/23 12:0 a.m.30 views

Fedora 18 : moodle-2.3.8-2.fc18 (2013-12950)

Latest upstream release for this branch. Correct unbundling of php-pear-HTML-Quickform. Fix for: MSA-13-0025: XSS vulnerability in YUI library MSA-13-0026: Personal information leak in IMS-LTI CVE-2013-2242 MSA-13-0027: Access issue in Chat module CVE-2013-2243 MSA-13-0028: Answer information...

4.3CVSS5.3AI score0.01406EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2011/11/08 7:34 p.m.3 views

UMP French Political Party got hacked & personal information leaked

UMP French Political Party got hacked & personal information leaked The personal data of several political parliamentarians, ministers, Minister of UMP French Political Party employees were released online by an unknown source. The leak contain the details of Bernard Accoyer, Lionel Tardy, Jean...

7AI score
Exploits0
Rows per page
Query Builder