Lucene search
K

4 matches found

CVE
CVE
added 4 days ago33 views

CVE-2026-27783

CVE-2026-27783 affects Gitea versions up to 1.26.1. The vulnerability arises because the issue_templates, issue_config, and issue_config/validate endpoints do not enforce repository-unit authorization, allowing callers with any repository unit (e.g., Issues) to read Code-tree files from the repos...

4.3CVSS7.1AI score0.00283EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/20 11:25 p.m.8 views

CVE-2026-3474 EmailKit <= 1.6.3 - Authenticated (Administrator+) Path Traversal via 'emailkit-editor-template' REST API Parameter

The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 1.6.3. This is due to the action function in the TemplateData class passing user-supplied input from the 'emailkit-editor-templat...

4.9CVSS5.9AI score0.00397EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/05/12 12:0 a.m.7 views

CVE-2025-44830

EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet interface...

9.8AI score0.00392EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/02/03 12:0 a.m.11 views

Gin-Vue-Admin 路径遍历漏洞

Gin-Vue-Admin is a full-stack pre-development infrastructure platform based on Vue and Gin development. A path traversal vulnerability exists in Gin-Vue-Admin versions before 2.5.5, which stems from a security issue in the downloadTemplate, ExportExcel interfaces, resulting in a path traversal...

7.5CVSS7.2AI score0.00928EPSS
Exploits1References3
Rows per page
Query Builder