Lucene search
K

16 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

WordPress plugin Helpfulcrowd Product Reviews 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.6AI score0.00273EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47672

Name of the Vulnerable Software and Affected Versions Helpfulcrowd Product Reviews versions prior to 1.3.0 Description The Helpfulcrowd Product Reviews plugin for WordPress allows unauthenticated authorization bypass due to PHP Type Juggling. This occurs because the helpfulcrowd validate token...

5.3CVSS5.5AI score0.00273EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.18 views

PT-2026-40716

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.46 Traefik versions prior to 3.6.17 Traefik versions prior to 3.7.1 Description Traefik's Kubernetes Gateway API provider contains an authorization bypass that allows a tenant with HTTPRoute creation permissions ...

9.9CVSS5.8AI score0.00457EPSS
Exploits1References18
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-176588

Malicious code in route-permission-grep-quick-debug npm...

6.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.6 views

PT-2025-44579

Name of the Vulnerable Software and Affected Versions RealPress WordPress plugin versions prior to 1.1.0 Description The RealPress WordPress plugin does not properly validate permissions when registering REST routes. This allows for the creation of pages and the sending of emails on the site...

5.3CVSS6.4AI score0.0029EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in compress-route-query-route-permission (npm)

The package compress-route-query-route-permission was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-17461 Malicious code in compress-route-query-route-permission (npm)

The package compress-route-query-route-permission was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2022/06/14 5:15 p.m.5 views

CVE-2022-27668

Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC...

9.8CVSS7.4AI score0.02062EPSS
Exploits2References4
NVD
NVD
added 2016/10/03 6:59 p.m.17 views

CVE-2016-7572

The system.temporary route in Drupal 8.x before 8.1.10 does not properly check for "Export configuration" permission, which allows remote authenticated users to bypass intended access restrictions and read a full config export via unspecified vectors...

4.3CVSS4.4AI score0.01716EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.50 views

SAP Router - Timing Attack Password Disclosure

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL:...

4.3CVSS0.02818EPSS
Exploits5
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.70 views

[CORE-2014-0003] - SAP Router Password Timing Attack

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL: http://www.coresecurity.com/advisories/sap-router-password-timing-attack Date published:...

4.3CVSS0.2AI score0.02818EPSS
Exploits5
exploitpack
exploitpack
added 2014/04/17 12:0 a.m.90 views

SAP Router - Timing Attack Password Disclosure

SAP Router - Timing Attack Password Disclosure Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL:...

4.3CVSS6.5AI score0.02818EPSS
Exploits5
0day.today
0day.today
added 2014/04/17 12:0 a.m.57 views

SAP Router - Timing Attack Password Disclosure

SAP Router is an application-level gateway used to connect systems in a SAP infrastructure. A vulnerability have been found in SAP Router that could allow an unauthenticated remote attacker to obtain passwords used to protect route entries by a timing side-channel attack. SAP Router Password Timi...

4.3CVSS0.2AI score0.02818EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/04/17 12:0 a.m.77 views

SAP Router - Timing Attack Password Disclosure

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL: http://www.coresecurity.com/advisories/sap-router-password-timing-attack Date published:...

4.3CVSS6.9AI score0.02818EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/04/16 12:0 a.m.77 views

SAP Router Password Timing Attack

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL: http://www.coresecurity.com/advisories/sap-router-password-timing-attack Date published:...

4.3CVSS6.5AI score0.02818EPSS
Exploits5
Core Security
Core Security
added 2014/04/15 12:0 a.m.501 views

SAP Router Password Timing Attack

Advisory ID Internal CORE-2014-0003 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL:https://www.coresecurity.com/core-labs/advisories/sap-router-password-timing-attack Date published: 2014-04-15 Date of last update: 2014-03-06 Vendors...

4.3CVSS6.8AI score0.02818EPSS
Exploits5
Rows per page
Query Builder