Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded yesterday5 views

CVE-2026-57518 Pagekit CMS 1.0.18 Privilege Escalation via UserApiController

Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to themselves due to missing authorization checks in UserApiController::saveAction. Attackers can...

8.8CVSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/10/28 4:54 p.m.3 views

CVE-2025-12297

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

5.3CVSS6.4AI score0.00327EPSS
Exploits1References1
NVD
NVDadded 2025/10/27 5:15 p.m.3 views

CVE-2025-12297

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

5.3CVSS0.00327EPSS
Exploits1References4
OSV
OSVadded 2025/10/27 5:15 p.m.3 views

CVE-2025-12297

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

5.3CVSS4.6AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/10/27 4:32 p.m.2 views

CVE-2025-12297 atjiu pybbs UserApiController.java information disclosure

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

5.3CVSS4.6AI score0.00327EPSS
Exploits1References4
CVE
CVEadded 2025/10/27 4:32 p.m.10 views

CVE-2025-12297

CVE-2025-12297 affects atjiu pybbs up to v6.0.0, involving an unknown function in UserApiController.java. The manipulation causes information disclosure and can be exploited remotely; the exploit is publicly available (PoC in some sources). Multiple connected sources corroborate the surface and i...

5.3CVSS4.7AI score0.00327EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2025/10/27 4:32 p.m.9 views

CVE-2025-12297 atjiu pybbs UserApiController.java information disclosure

A vulnerability was detected in atjiu pybbs up to 6.0.0. This affects an unknown function of the file UserApiController.java. The manipulation results in information disclosure. The attack may be launched remotely. The exploit is now public and may be used...

5.3CVSS0.00327EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/10/27 12:0 a.m.3 views

pybbs 访问控制错误漏洞

pybbs is a community platform for Java development by iuiu individual developers. An access control error vulnerability exists in pybbs version 6.0.0 and earlier, which stems from the misuse of an unknown function in the file UserApiController.java, which could lead to information disclosure...

5.3CVSS4.6AI score0.00327EPSS
Exploits1References5
Rows per page
Query Builder