Lucene search
K

6 matches found

CVE
CVE
added 2026/07/01 6:0 a.m.16 views

CVE-2026-11568

The Product Configurator for WooCommerce WordPress plugin prior to 1.7.3 exposes protected product data via a public AJAX action without any authorization or post-status checks. Unauthenticated users can retrieve data for private and draft (non-public) products by supplying the product ID, bypass...

7.5CVSS5.8AI score0.00284EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-13319

Malware in sbrugna...

7.5CVSS7.6AI score0.01514EPSS
Exploits1References2
Prion
Prion
added 2019/02/11 2:29 a.m.12 views

Cross site request forgery (csrf)

Frog CMS 0.9.5 provides a directory listing for a /public request...

5CVSS7.6AI score0.01514EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/02/11 2:0 a.m.20 views

CVE-2018-20776

Frog CMS 0.9.5 provides a directory listing for a /public request...

7.6AI score0.01514EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/02/19 2:0 p.m.31 views

CVE-2018-7219

application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request...

8.8AI score0.00515EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.37 views

WordPress LeagueManager Plugin 3.8 - SQL Injection

No description provided by source. !/usr/bin/ruby Exploit Title: WordPress LeagueManager Plugin v3.8 SQL Injection Google Dork: inurl:/wp-content/plugins/leaguemanager/ Date: 13/03/13 Exploit Author: Joshua Reynolds Vendor Homepage: http://wordpress.org/extend/plugins/leaguemanager/ Software Link...

7.5CVSS0.1AI score0.05231EPSS
Exploits8
Rows per page
Query Builder