Lucene search
K

2121 matches found

CNNVD
CNNVD
added 2026/03/13 12:0 a.m.6 views

WordPress plugin Medilazar Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/10 9:46 p.m.3 views

CVE-2026-31830

sigstore-ruby is a pure Ruby implementation of the sigstore verify command from the sigstore/cosign project. Prior to 0.2.3, Sigstore::Verifierverify does not propagate the VerificationFailure returned by verifyintoto when the artifact digest does not match the digest in the in-toto attestation...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 9:46 p.m.2 views

CVE-2026-31830 sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest

sigstore-ruby is a pure Ruby implementation of the sigstore verify command from the sigstore/cosign project. Prior to 0.2.3, Sigstore::Verifierverify does not propagate the VerificationFailure returned by verifyintoto when the artifact digest does not match the digest in the in-toto attestation...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24484

Name of the Vulnerable Software and Affected Versions sigstore-ruby versions prior to 0.2.3 Description The software does not correctly handle verification failures when the artifact digest does not match the digest in the in-toto attestation subject. Specifically, the Sigstore::Verifierverify...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/06 12:19 p.m.3 views

CVE-2018-25171

EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/editsource endpoint with crafted SQL UNION statements to extract database...

8.8CVSS6.1AI score0.00281EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/06 12:18 p.m.4 views

CVE-2018-25163 BitZoom 1.0 SQL Injection via rollno Parameter

BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to...

8.8CVSS6.1AI score0.00245EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.5 views

CVE-2026-28019

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Manoir manoir allows PHP Local File Inclusion.This issue affects Manoir: from n/a through = 1.11...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:53 a.m.4 views

CVE-2026-28020

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Chroma chroma allows PHP Local File Inclusion.This issue affects Chroma: from n/a through = 1.11...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/05 6:52 a.m.9 views

SUSE CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen - or hash style comments, the statement is...

4.3CVSS5.8AI score0.00274EPSS
Exploits1References7
NVD
NVD
added 2026/03/05 6:16 a.m.6 views

CVE-2026-28039

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpDataTables wpDataTables wpdatatables allows PHP Local File Inclusion.This issue affects wpDataTables: from n/a through = 6.5.0.1...

7.5CVSS0.00349EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.35 views

CVE-2026-28092 WordPress Sounder theme <= 1.3.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Sounder sounder allows PHP Local File Inclusion.This issue affects Sounder: from n/a through = 1.3.11...

8.1CVSS0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.27 views

CVE-2026-28088 WordPress Aqualots theme <= 1.1.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Aqualots aqualots allows PHP Local File Inclusion.This issue affects Aqualots: from n/a through = 1.1.6...

8.1CVSS0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.32 views

CVE-2026-28020 WordPress Chroma theme <= 1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Chroma chroma allows PHP Local File Inclusion.This issue affects Chroma: from n/a through = 1.11...

8.1CVSS0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.28 views

CVE-2026-27988 WordPress Equadio theme <= 1.1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Equadio equadio allows PHP Local File Inclusion.This issue affects Equadio: from n/a through = 1.1.3...

8.1CVSS0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.6 views

WordPress plugin Mahogany 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.4 views

PT-2026-23277

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through = 2.12...

5.9AI score0.00415EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Legrand 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

WordPress plugin Humanum 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23312

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Bonbon bonbon allows PHP Local File Inclusion.This issue affects Bonbon: from n/a through = 1.6...

5.9AI score0.00433EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

WordPress plugin Peter Mason 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Rows per page
Query Builder