Lucene search
K

202 matches found

NVD
NVD
added 3 days ago9 views

CVE-2025-5017

The Catalyst Connect Zoho CRM Client Portal plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uid’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

4.9CVSS0.00258EPSS
Exploits0References3
NVD
NVD
added 5 days ago7 views

CVE-2026-59224

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/openwebui/routers/terminals.py built the wsterminal upstream URL from an unencoded sessionid and appended userid as a query parameter, allowing query injection to make the terminal backe...

8CVSS0.00286EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/05 10:45 p.m.30 views

CVE-2026-14775 SourceCodester Onlne Examination & Learning Management System process_lesson.php unrestricted upload

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /processlesson.php. Such manipulation of the argument userid leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly...

6.5CVSS0.00214EPSS
Exploits0References6
NVD
NVD
added 2026/07/04 9:17 p.m.8 views

CVE-2026-14654

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit is publicly...

7.5CVSS0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/04 9:0 p.m.30 views

CVE-2026-14654 SourceCodester Simple and Nice Shopping Cart Script girlsproductdeletequery.php sql injection

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit is publicly...

7.5CVSS0.00412EPSS
Exploits0References6
CVE
CVE
added 2026/07/04 9:0 p.m.19 views

CVE-2026-14654

CVE-2026-14654 concerns an SQL injection in SourceCodester Simple and Nice Shopping Cart Script 1.0. The flaw affects an unknown function in the file /admin/girlsproductdeletequery.php where manipulating the user_id argument enables injection. The vulnerability can be exploited remotely and the e...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/09 11:44 p.m.37 views

CVE-2026-53673 BuddyPress 14.4.0 Private Message IDOR via REST API user_id Parameter

BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a userid parameter in the request. Attackers can pass another user's identifier to the...

8.6CVSS0.00294EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:43 a.m.12 views

CVE-2025-11262

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the userid parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6AI score0.00233EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/29 6:43 a.m.8 views

CVE-2025-11262 Link Whisper Free <= 0.9.0 - Unauthenticated Stored Cross-Site Scripting

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the userid parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6AI score0.00233EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.19 views

PT-2026-44755

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user id parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6AI score0.00233EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/28 2:13 p.m.8 views

CVE-2026-35671

phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability in the admin API user password endpoint that allows authenticated administrators to change any user's password without authorization verification. An attacker with low-privilege admin credentials can escalate to...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:27 a.m.9 views

CVE-2026-7802

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

8.8CVSS6AI score0.00402EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.21 views

PT-2026-44179

Name of the Vulnerable Software and Affected Versions Frontend Admin by DynamiApps versions prior to 3.29.3 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attackers with subscriber-level...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References16
EUVD
EUVD
added 2026/05/27 7:50 a.m.15 views

EUVD-2026-32128

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS6AI score0.00239EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/06 8:42 p.m.9 views

phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id

Summary The /admin/check endpoint in AuthenticationController implements SkipsAuthenticationCheck, making it reachable without any prior authentication. An anonymous attacker Bob can POST arbitrary user-id and token values to brute-force any user's 6-digit TOTP code. No rate limiting exists. The...

9.3CVSS6.1AI score0.00339EPSS
Exploits0References4Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/04/17 8:25 p.m.4 views

CVE-2026-40285

WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injection vulnerability in dao/memorando/UsuarioDAO.php. The cpfusuario POST parameter overwrites the session-stored user identity via extract$REQUEST in DespachoControle::verificarDespacho, and the...

8.8CVSS5.9AI score0.00266EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/04/16 12:34 a.m.6 views

WordPress Riaxe Product Customizer plugin <= 2.1.2 - Unauthenticated Arbitrary User Deletion via 'user_id' Parameter vulnerability

Unauthenticated Arbitrary User Deletion via 'userid' Parameter vulnerability discovered by Kai Aizen in WordPress Plugin Riaxe Product Customizer versions = 2.1.2...

5.3CVSS5.8AI score0.00441EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.7 views

CVE-2026-33702

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an Insecure Direct Object Reference IDOR vulnerability in the Learning Path progress saving endpoint. The file lpajaxsaveitem.php accepts a uid user ID parameter directly from $REQUEST and uses it t...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.7 views

PT-2026-32015

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.38 and prior to 2.0.0-RC.3 Description Chamilo LMS contains an Insecure Direct Object Reference IDOR vulnerability in the Learning Path progress saving endpoint. The lp ajax save item.php file accepts a uid...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/08 11:45 p.m.3 views

CVE-2026-5824 code-projects Simple Laundry System userchecklogin.php sql injection

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed public...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References5
Rows per page
Query Builder