93 matches found

NVD
added 2026/06/19 4:16 p.m. | 12 views

CVE-2017-20264

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comsponsorwall&task=click&wallid...

CVSS 7.1 | EPSS 0.00241
Exploits 0 | References 4
CVE
added 2026/06/19 3:57 p.m. | 14 views

CVE-2017-20264

Summary: CVE-2017-20264 affects Joomla! Component Sponsor Wall 8.0. An SQL injection vulnerability exists in the wallid parameter via GET requests to index.php with option=com_sponsorwall&task=click&wallid, allowing unauthenticated attackers to execute arbitrary SQL and potentially exfiltrate cre...

CVSS 7.1 | AI score 6.2 | EPSS 0.00241
Exploits 0 | References 4
EUVD
added 2026/06/19 3:57 p.m. | 4 views

EUVD-2017-18991

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comsponsorwall&task=click&wallid...

CVSS 7.1 | AI score 6.2 | EPSS 0.00241
Exploits 0 | References 4
ATTACKERKB
added 2026/06/19 3:57 p.m. | 7 views

CVE-2017-20264

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comsponsorwall&task=click&wallid...

CVSS 7.1 | AI score 6.2 | EPSS 0.00241
Exploits 0 | References 4 | Affected Software 1
Cvelist
added 2026/06/19 3:57 p.m. | 32 views

CVE-2017-20264 Joomla! Component Sponsor Wall 8.0 SQL Injection

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comsponsorwall&task=click&wallid...

CVSS 7.1 | EPSS 0.00241
Exploits 0 | References 4
RedhatCVE
added 2025/12/10 6:14 p.m. | 11 views

CVE-2025-57823

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

CVSS 2.7 | AI score 6.7 | EPSS 0.00195
Exploits 0 | References 1
OSV
added 2025/12/09 6:15 p.m. | 3 views

CVE-2025-57823

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

CVSS 2.7 | AI score 5.8 | EPSS 0.00195
Exploits 0 | References 1
NVD
added 2025/12/09 6:15 p.m. | 3 views

CVE-2025-57823

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

CVSS 2.7 | EPSS 0.00195
Exploits 0 | References 1
Vulnrichment
added 2025/12/09 5:18 p.m. | 3 views

CVE-2025-57823

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

CVSS 2.7 | AI score 6.2 | EPSS 0.00195
Exploits 0 | References 1
CVE
added 2025/12/09 5:18 p.m. | 15 views

CVE-2025-57823

CVE-2025-57823 affects Fortinet FortiAuthenticator 6.3–6.6.x (including 6.3, 6.4, 6.5, 6.6.0–6.6.6). It is a direct request (forced browsing) vulnerability that an authenticated user with sponsor permissions can use to read and download device logs by accessing specific endpoints. Impact is limit...

CVSS 2.7 | AI score 6.2 | EPSS 0.00195
Exploits 0 | References 1 | Affected Software 1
EUVD
added 2025/12/09 5:18 p.m. | 5 views

EUVD-2025-202275

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

CVSS 2.7 | AI score 6.1 | EPSS 0.00195
Exploits 0 | References 2
Positive Technologies
added 2025/12/09 12:0 a.m. | 6 views

PT-2025-50117

Name of the Vulnerable Software and Affected Versions Fortinet FortiAuthenticator versions 6.3 through 6.6.6 Fortinet FortiAuthenticator version 6.5 Fortinet FortiAuthenticator version 6.4 Fortinet FortiAuthenticator version 6.6.0 through 6.6.6 Description An authenticated attacker with sponsor...

CVSS 2.7 | AI score 6.3 | EPSS 0.00195
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2013-4330

Malware in sbrugna...

CVSS 3.5 | AI score 6 | EPSS 0.01495
Exploits 1 | References 7
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2010-4245

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.01175
Exploits 1 | References 7
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2014-7864

Malware in sbrugna...

CVSS 4 | AI score 6.4 | EPSS 0.01185
Exploits 0 | References 3
RedhatCVE
added 2025/05/22 3:18 a.m. | 8 views

CVE-2013-2269

The Sponsorship Confirmation functionality in Aruba Networks ClearPass 5.x, 6.0.1, and 6.0.2, and Amigopod/ClearPass Guest 3.0 through 3.9.7, allows remote attackers to bypass intended access restrictions and approve a request by sending a guest request, then using "parameter manipulation" in...

CVSS 5 | AI score 6.9 | EPSS 0.01358
Exploits 0 | References 1
Patchstack
added 2025/01/30 7:20 p.m. | 4 views

WordPress HT Event plugin <= 1.4.7 - Authenticated (Contributor+) Sensitive Information Exposure via HT Event: Sponsor vulnerability

Authenticated Contributor+ Sensitive Information Exposure via HT Event: Sponsor vulnerability discovered by Ankit Patel in WordPress Plugin HT Event versions <= 1.4.7...

CVSS 4.3 | AI score 7 | EPSS 0.00306
Exploits 0 | References 1 | Affected Software 1
GithubExploit
added 2023/10/29 3:31 p.m. | 453 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-4966 An Exploitation script developed to exploit the...

CVSS 9.4 | AI score 8.6 | EPSS 0.99999
Exploits 15
Code423n4
added 2023/10/25 12:0 a.m. | 9 views

M-02 Unmitigated

Lines of code Vulnerability details Mitigation of M-02: Issue not mitigated Link to Issue: code-423n4/2023-09-asymmetry-findings54 Comments The sponsor has acknowledged the issue but decided to not mitigate it. Acknowledged and did not fix, plan to upgrade a fix in the future --- The text was...

AI score 7
Exploits 0
hivepro
added 2023/09/19 6:56 a.m. | 11 views

Attacks, Vulnerabilities and Actors 11 September to 17 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, a total of eight attacks were executed, along with eleven vulnerabilities discovered, and two different adversaries...

AI score 6.8
Exploits 0