21 matches found
SUSE CVE-2025-34410
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
CVE-2025-34410
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
GHSA-RPR2-4HQJ-HC4Q 1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
EUVD-2025-202444
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality...
Cross-site Request Forgery (CSRF)
Overview: Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the Change Username process in the settings panel. An attacker can cause a user's account to be locked out by tricking the victim into visiting a malicious webpage while authenticated, which submits a...
Cross-site Request Forgery (CSRF)
Overview: Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the Change Username process in the settings panel. An attacker can cause a user's account to be locked out by tricking the victim into visiting a malicious webpage while authenticated, which submits a...
CVE-2025-34410
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
CVE-2025-34410 1Panel CSRF in Change Username Functionality Allows Account Lockout
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
CVE-2025-34410 1Panel CSRF in Change Username Functionality Allows Account Lockout
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
CVE-2025-34410
1Panel versions 1.10.33–2.0.15 have a CSRF in Change Username under /settings/panel. The endpoint lacks anti-CSRF tokens and Origin/Referer checks, enabling an attacker to submit a username-change request via a malicious page while the victim is authenticated. The victim’s username can be changed...
PT-2025-50339
Name of the Vulnerable Software and Affected Versions: 1Panel versions 1.10.33 through 2.0.15. Description: 1Panel versions 1.10.33 through 2.0.15 are affected by a cross-site request forgery (CSRF) issue in the Change Username functionality, accessible through the settings panel at the /settings/pane...
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality
1Panel versions 1.10.33 - 2.0.15 contain a cross-site request forgery (CSRF) vulnerability in the Change Username functionality available from the settings panel /settings/panel. The endpoint does not implement CSRF protections such as anti-CSRF tokens or Origin/Referer validation. An attacker can...
ALBA-2022:0363 gnome-control-center bug fix update
The gnome-control-center package contains configuration utilities for the GNOME desktop, which allow configuring accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings. Bug...
gnome-control-center bug fix update
An update is available for gnome-control-center. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gnome-control-center package contains configuration utilitie...
CVE-2020-27461
A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel Import website function...
Remote code execution
A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel Import website function...
SEOPanel Code Issue Vulnerability
SEOPanel is an open source SEO control panel for managing your website's search engine optimization. A security vulnerability exists in SEOPanel versions prior to 4.7.0. This vulnerability can be exploited by an attacker to remotely execute code by uploading a file via the Settings panel Import...
Cross site scripting
Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 allows authenticated attackers with minimal subscriber-level permissions to save arbitrary JavaScript in the plugin's settings panel via the idxupdaterecaptchakey AJAX action and a crafted idxrecaptchasitekey parameter, which...
Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link:...