Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/21 10:4 a.m.4 views

CVE-2026-6553

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and usersettings fields of the beusers database table. This issue affects TYPO3 CMS version 14.2.0...

7.3CVSS5.8AI score0.00167EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-5539

Malware in sbrugna...

7.5CVSS6.4AI score0.02437EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/05/12 2:19 a.m.4 views

SUSE CVE-2023-32076

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

5.5CVSS7.2AI score0.00241EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/05/10 6:15 p.m.23 views

CVE-2023-32076

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

5.5CVSS6AI score0.00241EPSS
Exploits0References5
OSV
OSV
added 2023/05/10 5:58 p.m.23 views

CVE-2023-32076 in-toto vulnerable to Configuration Read From Local Directory

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

5.5CVSS5.8AI score0.00241EPSS
Exploits0References6
Cvelist
Cvelist
added 2010/04/21 2:0 p.m.27 views

CVE-2009-4786

Multiple cross-site scripting XSS vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to 1 admin/adminconfig.php, 2 admin/adminmodules.php, 3 delete.php, 4 editlink.php, 5 submit.php, 6 submitgroups.php, 7...

5.7AI score0.01624EPSS
Exploits0References3
NVD
NVD
added 2006/10/26 5:7 p.m.15 views

CVE-2006-5554

Directory traversal vulnerability in index.php in Imageview 5 allows remote attackers to read or execute arbitrary local files via a .. dot dot in the usersettings cookie, as demonstrated by using the MyFile parameter in albumview.php to upload a text/plain .gif file containing PHP code, which is...

7.5CVSS7.2AI score0.02437EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/10/26 5:0 p.m.21 views

CVE-2006-5554

Directory traversal vulnerability in index.php in Imageview 5 allows remote attackers to read or execute arbitrary local files via a .. dot dot in the usersettings cookie, as demonstrated by using the MyFile parameter in albumview.php to upload a text/plain .gif file containing PHP code, which is...

7.2AI score0.02437EPSS
Exploits1References4
Rows per page
Query Builder