Lucene search
K

79808 matches found

EUVD
EUVD
added 5 hours ago7 views

EUVD-2026-43625

The SureForms WordPress plugin before 2.11.1 does not properly validate the payment amount on forms that use a dynamically-sourced variable/hidden payment amount, allowing unauthenticated users to underpay for the configured product or subscription. Forms using a fixed configured price are not...

6.1AI score
Exploits0References1
EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-43575

Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php executes bucket commands ls, upload, removefiles, rename, createfolder without performing any ACL or role check. Any authenticated...

8.8CVSS6.1AI score
Exploits0References5
NVD
NVD
added yesterday5 views

CVE-2026-61463

Shiori contains a privilege escalation vulnerability in the account update endpoint that allows authenticated users to modify the owner field without authorization checks. Attackers can escalate to administrator by submitting a crafted PATCH request with owner: true, then re-authenticate to obtai...

8.8CVSS
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-61463

CVE-2026-61463 : Shiori contains a privilege escalation in the account update endpoint. An authenticated user can modify the owner field without authorization checks by submitting a crafted PATCH request with owner: true, then re-authenticate to obtain an admin JWT token that grants full system a...

8.8CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added yesterday6 views

EUVD-2026-43316

This vulnerability is a critical Server-Side Template Injection SSTI in Centreon's centreon-open-tickets module that leads to Remote Code Execution. The messageconfirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user, to...

9.6CVSS6.4AI score0.00478EPSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43287

The Tutor LMS WordPress plugin before 3.9.13 does not verify ownership of the targeted quiz attempt before writing to it, allowing authenticated users with subscriber-level access and above to modify and force-complete other students' quiz attempts, overwriting their recorded marks and pass/fail...

5.4CVSS6.1AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday22 views

CVE-2026-14453 A user with low privileges can inject SSTI templates that can lead to RCE in open-tickets

This vulnerability is a critical Server-Side Template Injection SSTI in Centreon's centreon-open-tickets module that leads to Remote Code Execution. The messageconfirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user, to...

9.6CVSS0.00478EPSS
Exploits0References1
NVD
NVD
added yesterday8 views

CVE-2026-14165

An Authorization Bypass Through User-Controlled Key vulnerability affecting Tuleap Enterprise Edition from 17.0 through 17.5 could allow an attacker to access data of other users without authorization...

7.5CVSS0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday22 views

CVE-2026-10106 Unauthorized users can trigger interactive post actions in private channels via action cookie channel mismatch in Mattermost

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to verify that the channel referenced in an action cookie matches the channel of the target post, which allows an authenticated user without access to a private channel to trigger interactive post actions on posts in th...

6.5CVSS0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday18 views

CVE-2026-11963 User Registration & Membership < 5.2.2 - Subscriber+ Cross-User Role and Membership Tier Modification via IDOR

The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modify from a caller-supplied identifier instead of the current user, allowing any authenticated user such as a subscriber to change...

0.00132EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday93 views

pfSense - Arbitrary File Write

diagroutes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection...

9CVSS7.1AI score0.87113EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday103 views

MagnusBilling Alarm Module - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php.This issue affects MagnusBilling-...

7.6CVSS5.8AI score0.00888EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday28 views

LiteLLM - Arbitrary File Read

LiteLLM 1.83.0 contains a broken access control vulnerability caused by lack of admin role enforcement on /config/update endpoint, letting authenticated users modify configurations, execute code, read files, and take over accounts. id: CVE-2026-35029 info: name: LiteLLM - Arbitrary File Read...

8.8CVSS6.2AI score0.26409EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday55 views

WordPress Job Portal < 2.0.6 - SQL Injection

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter before using it in a SQL statement,leading to a SQL injection vulnerability that is exploitable by unauthenticated users. This vulnerability can be used to extractsensitive data from the database or...

9.8CVSS7AI score0.03096EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday13 views

Bulk Me Now! Plugin <= 2.0 - Cross-Site Scripting

Bulk Me Now! WordPress plugin = 2.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...

7.1CVSS7AI score0.00532EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday46 views

Web Directory Free < 1.7.0 - SQL Injection

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. id: CVE-2024-3552 info: name: Web Directory Free 1.7.0 - SQL...

9.8CVSS6.1AI score0.67288EPSS
Exploits4References2
Nuclei
Nuclei
added yesterday45 views

Shield Security Plugin < 20.0.6 - Cross-Site Scripting

The Shield Security WordPress plugin before 20.0.6 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'navsub' parameter in the admin dashboard, allowing authenticated users to execute arbitrary JavaScript in the context of other...

6.1CVSS6.3AI score0.01444EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday101 views

FXServer < v9601 - Information Exposure

Incorrect Access Control in FXServer version's v9601 and prior, for CFX.re FiveM, allows unauthenticated users to modify and read userdata via exposed api endpoint. id: CVE-2024-46310 info: name: FXServer v9601 - Information Exposure author: s4e-io severity: medium description: | Incorrect Access...

9.1CVSS6.2AI score0.02393EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday70 views

Ninja Forms < 3.6.26 - Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin id: CVE-2023-37979 info: name: Ninja Forms 3.6.26 - Cross-Site Scripting author: r3Y3r53 severity:...

7.1CVSS6.8AI score0.0601EPSS
Exploits6References5
Nuclei
Nuclei
added yesterday35 views

WP Triggers Lite - Cross-Site Scripting

WP Triggers Lite WordPress plugin v2.5.3 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...

7.1CVSS7AI score0.00555EPSS
Exploits1References2
Rows per page
Query Builder