Lucene search
K

10 matches found

EUVD
EUVD
added 2026/05/05 12:40 p.m.8 views

EUVD-2026-27313

Fiber is a web framework for Go. In github.com/gofiber/fiber/v3 versions through 3.1.0, the default key generator in the cache middleware uses only the request path and does not include the query string. As a result, requests for the same path with different query parameters can share a cache key...

6.5CVSS5.8AI score0.00251EPSS
Exploits1References3
OSV
OSV
added 2026/04/06 8:16 p.m.3 views

UBUNTU-CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

7.5CVSS5.8AI score0.00443EPSS
Exploits1References3
EUVD
EUVD
added 2026/02/27 7:33 p.m.7 views

EUVD-2026-9054

Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. A missing authorization vulnerability has been identified in the application starting in version 2.7.0 and prior to version 3.1.0. It allows authenticated users to access and modify data belonging to other...

5.4CVSS5.8AI score0.00215EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8230

Malware in sbrugna...

7.5CVSS7.4AI score0.01672EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:3 p.m.11 views

CVE-2020-5266

In the pslink module for PrestaShop before version 3.1.0, there is a stored XSS when you create or edit a link list block with the title field. The problem is fixed in 3.1.0...

5.4CVSS5.8AI score0.00638EPSS
Exploits0
OSV
OSV
added 2023/10/25 6:17 p.m.3 views

CVE-2023-27260

Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...

9.1CVSS5.8AI score0.00556EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/20 12:0 a.m.4 views

WordPress Plugin TS Webfonts for SAKURA 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.1CVSS6.5AI score0.00482EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.2 views

WordPress plugin Easy Digital Downloads 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A CSV injection vulnerabili...

9.8CVSS7.2AI score0.01218EPSS
Exploits2References2
CNVD
CNVD
added 2020/12/23 12:0 a.m.4 views

IBM Financial Transaction Manager Authorization Issues Vulnerability

IBM Financial Transaction Manager for High Value Payments for Multi-Platform FTM HVP is a financial transaction manager for multi-platforms from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. An authorization issue vulnerability exists...

6.3CVSS6.6AI score0.00755EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/01 12:0 a.m.3 views

YxtCMF v3.1.0 SQL Injection Vulnerability in Frontend ShitiController.class.php Page

YxtCMF Yi Xue Tang Online Learning System is an online learning platform system developed with thinkphp+bootstrap as the framework. YxtCMF v3.1.0 has a SQL injection vulnerability in the frontend ShitiController.class.php page. An attacker can exploit this vulnerability to obtain sensitive...

7.6AI score
Exploits0
Rows per page
Query Builder