Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/04 1:26 a.m.8 views

CVE-2026-10737

The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the viewfile function in all versions up to, and including, 4.71. This makes it possible for unauthenticated attackers to read file metadata and obtain download links f...

7.5CVSS5.9AI score0.003EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/22 10:17 p.m.19 views

CVE-2025-67652 AutomationDirect CLICK Programmable Logic Controller Weak Encoding for Password

An attacker with access to the project file could use the exposed credentials to impersonate users, escalate privileges, or gain unauthorized access to systems and services. The absence of robust encryption or secure handling mechanisms increases the likelihood of this type of exploitation, leavi...

6.1CVSS0.00101EPSS
Exploits0References2
CVE
CVE
added 2025/12/17 12:55 a.m.13 views

CVE-2025-11009

The CVE-2025-11009 issue affects Mitsubishi Electric GT Designer3 (GOT2000 GOT1000) where credentials are stored in plaintext in project files (Cleartext Storage of Sensitive Information). Root cause: credentials verifi ed/stored in plaintext (CWE-312). Impact: local, unauthenticated attacker cou...

5.1CVSS6.2AI score0.00081EPSS
Exploits0References2
OSV
OSV
added 2020/03/16 4:15 p.m.4 views

CVE-2020-6980

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol SMTP account data is saved in RSLogix 500, a local attacker with access to a...

3.3CVSS5.8AI score0.00415EPSS
Exploits0References1
Rows per page
Query Builder