Lucene search

6 matches found

CNNVD
added 2026/03/20 12:0 a.m. · 3 views

Statamic security vulnerability

Statamic is a powerful flat-file CMS built using Laravel by Statamic Inc. It allows all content, templates, assets, and settings to be stored in files rather than in a database. Versions of Statamic 5.73.14 and earlier, as well as 6.7.0, contained security vulnerabilities. These vulnerabilities...

4.3 CVSS · 5.8 AI score · 0.00014 EPSS
Exploits 0 · References 1

OSV
added 2026/03/18 8:0 p.m. · 1 views

GHSA-WH3H-GVC4-CC2G Statamic is missing authorization check on taxonomy term creation via fieldtype

Impact: Low-privileged Control Panel users could create taxonomy terms by submitting requests to the field action processing endpoint with attacker-controlled field definitions. This bypasses the authorization checks enforced on the standard taxonomy term creation endpoint. Patches: This has been...

4.3 CVSS · 5.7 AI score · 0.00014 EPSS
Exploits 0 · References 3

Positive Technologies
added 2024/04/09 12:0 a.m. · 3 views

PT-2024-17965 · WordPress · The Classified Listing – Classified Ads & Business Directory Plugin

Name of the Vulnerable Software and Affected Versions: The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress versions up to, and including, 3.0.4. Description: The issue allows unauthorized access and modification of data due to a missing capability check on the...

6.5 CVSS · 9.3 AI score · 0.00344 EPSS
Exploits 0 · References 7

OSV
added 2021/09/22 4:49 p.m. · 3 views

DRUPAL-CONTRIB-2021-031

The module provides a field widget for selecting taxonomy terms in a hierarchical fashion. The module doesn't sanitize user input in certain cases, leading to a possible Cross-Site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with...

6.5 AI score
Exploits 0 · References 1

Drupal
added 2021/09/22 12:0 a.m. · 5 views

Client-side Hierarchical Select - Moderately critical - Cross-site scripting - SA-CONTRIB-2021-031

The module provides a field widget for selecting taxonomy terms in a hierarchical fashion. The module doesn't sanitize user input in certain cases, leading to a possible Cross-Site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with...

5.6 AI score
Exploits 0 · References 6

Drupal
added 2019/03/13 12:0 a.m. · 7 views

Simple hierarchical select - Moderately critical - Cross site request forgery - SA-CONTRIB-2019-038

Simple hierarchical select defines a new form widget for taxonomy fields to select a term by "browsing" through the vocabularies hierarchy. It also allows users to create new taxonomy terms using its widget directly in the node form. Version 7.x of Simple hierarchical select doesn't sufficiently...

7 AI score
Exploits 0 · References 4