Lucene search
K

10 matches found

CVE
CVE
added yesterday6 views

CVE-2026-59805

Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController. Authenticated sellers can manipulate purchase access for other sellers' products by issuing PUT requests to revoke_access and undo_revoke_access without validating ownership. This lets attackers...

7.1CVSS6.1AI score
Exploits0References5
Cvelist
Cvelist
added 2024/07/10 2:2 a.m.17 views

CVE-2024-5792 Houzez CRM <= 1.4.2 - Authenticated (Seller+) SQL Injection

The Houzez CRM plugin for WordPress is vulnerable to time-based SQL Injection via the notes ‘belongto’ parameter in all versions up to, and including, 1.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

8.8CVSS0.00454EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 2:3 a.m.16 views

CVE-2024-5793 Houzez Theme - Functionality <= 3.2.2 - Authenticated (Seller+) SQL Injection

The Houzez Theme - Functionality plugin for WordPress is vulnerable to SQL Injection via the ‘currencycode’ parameter in all versions up to, and including, 3.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

8.8CVSS7.5AI score0.00458EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.6 views

PT-2024-37159 · WordPress · The Houzez Theme

Name of the Vulnerable Software and Affected Versions: The Houzez Theme - Functionality plugin for WordPress versions up to, and including, 3.2.2 Description: The issue is related to SQL Injection via the currency code parameter due to insufficient escaping on the user-supplied parameter and lack...

8.8CVSS7.4AI score0.00458EPSS
Exploits0References9
CNVD
CNVD
added 2020/04/27 12:0 a.m.1 views

ENTER has a logic flaw vulnerability

ENTER ENTR is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of ENTR's smart contract contract name: EnterToken implementation. An attacker could exploit this vulnerability to prevent the seller from accessing the assets due to the exchange...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/04/27 12:0 a.m.1 views

RiptideCoin has a logic flaw vulnerability

RiptideCoin RIPT is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of RIPT's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/04/27 12:0 a.m.1 views

Welfare Token Fund has a flawed logic vulnerability

Welfare Token Fund WTF is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in the smart contract implementation of WTF. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...

7.1AI score
Exploits0
CNVD
CNVD
added 2020/04/27 12:0 a.m.1 views

Logic Flaw Vulnerability in ETHERCASH

ETHERCASH ETC is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'sell' function of ETC's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/07/05 12:0 a.m.1 views

MoneyChainNet (MCN) Integer Overflow Vulnerability

MoneyChainNet MCN is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in MCN's smart contract implementation. An attacker could use this vulnerability to prevent the seller from accessing the assets due to the exchange...

7.5CVSS7.7AI score0.01033EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/05 12:0 a.m.3 views

RiptideCoin (RIPT) Integer Overflow Vulnerability

RiptideCoin RIPT is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function of RIPT's smart contract implementation. An attacker could exploit the vulnerability to prevent the seller from accessing the assets due to the exchange...

7.5CVSS7.6AI score0.01033EPSS
Exploits1References1
Rows per page
Query Builder