Lucene search

8 matches found

CVE
added 2026/06/27 6:50 a.m. | 14 views

CVE-2026-11987

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution (WordPress) up to version 5.0.4 is vulnerable to Insecure Direct Object Reference via the id parameter due to missing validation on a user‑controlled key. Authenticated attackers with subscriber+ access can read other vendors’ pro...

CVSS 4.3 | AI score 5.7 | EPSS 0.00271
Exploits 0 | References 14

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-28017

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.01172
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-22785

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.5 | EPSS 0.00319
Exploits 0 | References 2

Gitee
added 2025/09/06 8:33 a.m. | 72 views

CUSEC-2020

Based on the provided code and context, here is a summary of the analysis: Classification: This is an Insecure Direct Object Reference IDOR bug. Background: The bug occurs when the application does not verify that the current user is authorized to access a resource with a specific ID. In this cas...

AI score 7.1
Exploits 0

NVD
added 2024/04/15 5:15 a.m. | 23 views

CVE-2024-1310

The WooCommerce WordPress plugin before 8.6 does not prevent users with at least the contributor role from leaking products they shouldn't have access to. e.g. private, draft and trashed products...

CVSS 4.9 | AI score 6.5 | EPSS 0.0068
Exploits 2 | References 1

NVD
added 2023/08/18 10:15 a.m. | 28 views

CVE-2023-40069

OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions,...

CVSS 9.8 | AI score 9.7 | EPSS 0.01241
Exploits 0 | References 2

Prion
added 2019/07/05 2:15 p.m. | 16 views

Authentication flaw

iDoors Reader 2.10.17 and earlier allows an attacker on the same network segment to bypass authentication to access the management console and operate the product via unspecified vectors...

CVSS 5.8 | AI score 8.7 | EPSS 0.00716
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2003/04/02 5:0 a.m. | 25 views

CVE-2002-0009

showbug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu...

AI score 6.5 | EPSS 0.01194
Exploits 0 | References 6