Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.10 views

CVE-2026-47349

Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...

5.3CVSS5.5AI score0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 10:51 a.m.7 views

CVE-2026-47349 TYPO3 CMS - Broken Access Control in Recycler

Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...

5.3CVSS5.5AI score0.00238EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 10:51 a.m.23 views

CVE-2026-47349

CVE-2026-47349 affects TYPO3 CMS where backend users with access to the Recycler module could restore soft-deleted records on pages or tables they are not authorized to modify. Affected versions: 10.4.57 and earlier in 10.x; 11.0.0–11.5.51; 12.0.0–12.4.46; 13.0.0–13.4.31; 14.0.0–14.3.3. Root caus...

5.3CVSS5.5AI score0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 10:51 a.m.31 views

CVE-2026-47349 TYPO3 CMS - Broken Access Control in Recycler

Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...

5.3CVSS0.00238EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 7:54 p.m.10 views

EUVD-2026-28158

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

8.7CVSS5.7AI score0.00151EPSS
Exploits0References1
NVD
NVD
added 2026/03/18 4:16 p.m.8 views

CVE-2025-55044

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

8.8CVSS0.00128EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/18 12:0 a.m.3 views

CVE-2025-55044

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

5.8AI score0.00128EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 12:5 p.m.31 views

CVE-2024-39865

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...

8.8CVSS0.00447EPSS
Exploits0References1
OSV
OSV
added 2024/03/07 12:15 p.m.2 views

CVE-2024-28229

In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles...

6.5CVSS5.8AI score0.0052EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/06 12:0 a.m.4 views

PT-2024-2107 · Jetbrains · Jetbrains Youtrack

Name of the Vulnerable Software and Affected Versions: JetBrains YouTrack versions prior to 2024.1.25893 Description: The issue is related to insufficient authorization mechanisms in JetBrains YouTrack, allowing a remote attacker to bypass existing security restrictions. This could enable a user...

6.8CVSS7.3AI score0.0052EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/02/09 12:0 a.m.10 views

CVE-2022-48301

The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled...

7.2AI score0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/07/22 12:0 a.m.2 views

PT-2019-16984 · Hewlett Packard +2 · Hp-Ux +2

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect version 7.1 Description: The issue affects the backup or archive operation of HP-UX VxFS objects. If an object has more than twelve Access Control List ACL entries, the IBM Spectrum Protect client silently skips these...

5.1CVSS4.7AI score0.00321EPSS
Exploits0References3
NVD
NVD
added 2006/04/06 10:4 a.m.17 views

CVE-2006-1649

The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions...

7.2CVSS6AI score0.00478EPSS
Exploits1References8
Prion
Prion
added 2006/04/06 10:4 a.m.20 views

Design/Logic Flaw

The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions...

7.2CVSS6.5AI score0.00478EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2006/04/06 10:0 a.m.20 views

CVE-2006-1649

The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions...

6AI score0.00478EPSS
Exploits1References8
Rows per page
Query Builder