
327 matches found

GithubExploit
added 2026/05/09 12:5 a.m. | 152 views

security-code-reviewer

No d...

5.8 AI score
Exploits: 0
Packet Storm News
added 2026/05/05 12:0 a.m. | 10 views

MOSAIC-Bench: Measuring Compositional Vulnerability Induction in Coding Agents

Coding agents often pass per-prompt safety review yet ship exploitable code when their tasks are decomposed into routine engineering tickets. The challenge is structural: existing safety alignment evaluates overt requests in isolation, leaving models blind to malicious end-states that emerge from...

5.9 AI score
Exploits: 0
CVE
added 2026/05/02 1:26 p.m. | 18 views

CVE-2026-3504

The CVE-2026-3504 entry concerns the Dokan: AI Powered WooCommerce Multivendor Marketplace Solution for WordPress. Affects all versions up to 4.3.1 via the REST endpoint /dokan/v1/stores/{id}/reviews. The root cause is that prepare_reviews_for_response includes reviewer email addresses, usernames...

5.3 CVSS | 5.8 AI score | 0.0026 EPSS
Exploits: 0 | References: 5
Cvelist
added 2026/05/02 1:26 p.m. | 36 views

CVE-2026-3504 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/{id}/reviews' REST API endpoint. This is due to the 'prepare_reviews_for_response' method...

5.3 CVSS | 0.0026 EPSS
Exploits: 0 | References: 5
Vulnrichment
added 2026/05/02 1:26 p.m. | 4 views

CVE-2026-3504 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/{id}/reviews' REST API endpoint. This is due to the 'prepare_reviews_for_response' method...

5.3 CVSS | 5.8 AI score | 0.0026 EPSS
Exploits: 0 | References: 5
CNNVD
added 2026/05/02 12:0 a.m. | 11 views

WordPress plugin Dokan: AI Powered WooCommerce Multivendor Marketplace Solution information disclosure vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3 CVSS | 5.8 AI score | 0.0026 EPSS
Exploits: 0 | References: 1
Microsoft Secure
added 2026/04/15 4:0 p.m. | 7 views

Incident response for AI: Same fire, different fuel

In this article: 1. The fundamentals still hold; 2. Where AI changes the equation; 3. Closing the gaps in telemetry, tooling, and response; 4. The human dimension; 5. Looking ahead. When a traditional security incident hits, responders replay what happened. They trace a known code path, find the defect...

5.6 AI score
Exploits: 0
RedhatCVE
added 2026/04/14 1:22 a.m. | 5 views

CVE-2026-36920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

2.7 CVSS | 5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2026/04/14 1:22 a.m. | 5 views

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

2.7 CVSS | 5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 1
GithubExploit
added 2026/04/14 12:53 a.m. | 150 views

vulnswarm

VulnSwarm AI-powered vulnerability discovery using multi-agen...

8.8 CVSS | 6 AI score | 0.01915 EPSS
Exploits: 3
EUVD
added 2026/04/13 3:31 p.m. | 4 views

EUVD-2026-21920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

2.7 CVSS | 5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 2
EUVD
added 2026/04/13 3:31 p.m. | 3 views

EUVD-2026-21916

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

2.7 CVSS | 5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 2
NVD
added 2026/04/13 1:16 p.m. | 14 views

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

2.7 CVSS | 0.00225 EPSS
Exploits: 1 | References: 1
NVD
added 2026/04/13 1:16 p.m. | 4 views

CVE-2026-36920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

2.7 CVSS | 0.00225 EPSS
Exploits: 1 | References: 1
CVE
added 2026/04/13 12:0 a.m. | 11 views

CVE-2026-36920

CVE-2026-36920 affects Sourcecodester Online Reviewer System v1.0. The Red Hat, ENISA EUVD, CIRCL, NVD, CVE lists, and Vulners enrichment all indicate a SQL Injection vulnerability in /system/system/admins/assessments/examproper/questions-view.php. Root cause details are not explicitly provided b...

2.7 CVSS | 5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2026/04/13 12:0 a.m. | 32 views

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

0.00225 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2026/04/13 12:0 a.m. | 2 views

CVE-2026-36919

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2026/04/13 12:0 a.m. | 3 views

CVE-2026-36920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 1
Cvelist
added 2026/04/13 12:0 a.m. | 23 views

CVE-2026-36920

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php...

0.00225 EPSS
Exploits: 1 | References: 1
Positive Technologies
added 2026/04/13 12:0 a.m. | 5 views

PT-2026-32335

Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php...

5.9 AI score | 0.00225 EPSS
Exploits: 1 | References: 2