10 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-49777

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.0025 EPSS
Exploits 1 · References 1
OSV
added 2023/07/31 6:15 p.m. · 15 views

CVE-2023-38989

An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information...

4.3 CVSS · 6.9 AI score
Exploits 0 · References 1
Prion
added 2023/07/31 6:15 p.m. · 15 views

Information disclosure

An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information...

4 CVSS · 4.6 AI score · 0.00062 EPSS
Exploits 1 · References 1 · Affected Software 1
CVE
added 2023/07/31 12:0 a.m. · 49 views

CVE-2023-38989

Jeesite v1.2.6 has a vulnerability in the delete function of the UserController that allows authenticated attackers to arbitrarily delete the Administrator’s role information. Multiple sources (NVD, RH, OSV, CVE lists, and PTSecurity) confirm the affected software/version and the underlying issue...

4.3 CVSS · 4.5 AI score · 0.00062 EPSS
Exploits 1 · References 1 · Affected Software 1
Positive Technologies
added 2023/07/31 12:0 a.m. · 1 views

PT-2023-26718 · Jeesite · Jeesite

Name of the Vulnerable Software and Affected Versions: jeesite version 1.2.6 Description: An issue in the delete function in the UserController class allows authenticated attackers to arbitrarily delete the Administrator's role information. Recommendations: For jeesite version 1.2.6, consider...

4.3 CVSS · 4.6 AI score · 0.00062 EPSS
Exploits 1 · References 5
Cvelist
added 2023/07/31 12:0 a.m. · 10 views

CVE-2023-38989

An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information...

4.8 AI score · 0.00062 EPSS
Exploits 1 · References 1
Vulnrichment
added 2023/07/31 12:0 a.m. · 15 views

CVE-2023-38989

An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information...

6.9 AI score · 0.00062 EPSS
Exploits 1 · References 1
Cvelist
added 2023/01/25 12:0 a.m. · 10 views

CVE-2022-46999

Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability via the component \App\Manage\Controller\UserController.class.php...

10 AI score · 0.0025 EPSS
Exploits 1 · References 1
Veracode
added 2021/11/15 3:7 a.m. · 16 views

Cross-Site Request Forgery (CSRF)

showdoc/showdoc is vulnerable to cross-site request forgery. An attacker can add arbitrary members to the team through the register function in UserController.class.php...

6.5 CVSS · 5.1 AI score · 0.00112 EPSS
Exploits 1 · References 4 · Affected Software 1
CNNVD
added 2021/11/13 12:0 a.m. · 1 views

showdoc cross-site request forgery vulnerability

ShowDoc is an open source tool for IT teams to share documents online. ShowDoc is vulnerable to cross-site request forgery, which stems from the lack of effective filtering and restriction of cookies set in the software's UserController.class.php, and can be exploited by attackers to cause...

6.5 CVSS · 5.4 AI score · 0.00112 EPSS
Exploits 1 · References 3