Lucene search
K

6 matches found

CNNVD
CNNVD
added 2026/05/11 12:0 a.m.6 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained security vulnerabilities. These vulnerabilities stemmed from the plugin/CloneSite/cloneClient.json.php file displaying the local CloneSite shared key in unvalidate...

7.5CVSS5.9AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.11 views

Grav 信息泄露漏洞

Grav is a scalable content management system CMS developed by the Grav open-source community, suitable for use in personal blogs, small content publishing platforms, and single-page product displays. Versions of Grav prior to 2.0.0-rc.2 contained an information leakage vulnerability. This...

7.7CVSS5.7AI score0.00276EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/01 8:41 p.m.2 views

CVE-2025-59337 Discourse: Cross-Site Data Exposure via Backup Restore Metacommand Injection in Multisite Deployments

Discourse is an open-source community discussion platform. In versions 3.5.0 and below, malicious meta-commands could be embedded in a backup dump and executed during restore. In multisite setups, this allowed an admin of one site to access data or credentials from other sites. This issue is fixe...

5.5CVSS6.2AI score0.00277EPSS
Exploits0References2
OSV
OSV
added 2022/08/01 1:15 p.m.5 views

CVE-2022-1585

The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php...

7.5CVSS5.7AI score0.00885EPSS
Exploits1References1
OSV
OSV
added 2021/10/04 2:15 p.m.4 views

CVE-2021-37777

Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference IDOR. Thumbnails uploaded by one site owner are visible by another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure...

7.5CVSS6.9AI score0.01648EPSS
Exploits1References1
OSV
OSV
added 2015/09/18 10:59 a.m.1 views

UBUNTU-CVE-2015-5790

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and...

6.8CVSS6.2AI score0.02505EPSS
Exploits0References6
Rows per page
Query Builder