Lucene search
K

5 matches found

vulncheck_kev
vulncheck_kev
added 2026/05/04 12:0 a.m.7 views

VulnCheck KEV: CVE-2026-2931

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

8.8CVSS7.4AI score0.00382EPSS
In wildExploits0References2
cve
cve
added 2026/03/26 3:37 a.m.21 views

CVE-2026-2931

The CVE-2026-2931 entry concerns the Amelia Booking plugin for WordPress (versions up to and including 9.1.2). The vulnerability is an Insecure Direct Object Reference that allows a user-controlled access to objects, enabling authenticated users with customer-level permissions or higher to change...

8.8CVSS5.8AI score0.00382EPSS
In wildExploits0References4
redhatcve
redhatcve
added 2026/01/10 5:41 a.m.14 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS7.5AI score0.00311EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/08/25 12:0 a.m.4 views

TOTOLINK A3700R 缓冲区错误漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A3700R version V9.1.2u.6134B20201202, which stems from a stack overflow in the command parameter of the setTracerouteCfg method...

7.8CVSS5.6AI score0.00327EPSS
Exploits1References2
osv
osv
added 2017/04/20 2:59 a.m.3 views

CVE-2017-7283

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS commands by sending a specially crafted filename to the /api/restore/download-files endpoint, related to the downloadFiles function in api/includes/restore.php...

8.8CVSS6AI score0.0428EPSS
Exploits1References2
Rows per page
Query Builder