Lucene search
K

15 matches found

CVE
CVE
added 2 days ago8 views

CVE-2026-14468

Terraform Enterprise contains a vulnerability in its VCS ingestion of registry modules where the boundary on packaged module content was not correctly enforced. An authenticated user could include files from outside the intended repository content in a module and then download them, potentially e...

7.7CVSS6AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 2:15 p.m.8 views

JLSEC-2026-365

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

7.5CVSS7.4AI score0.01265EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.5 views

CVE-2025-66135 WordPress Imager for Elementor plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Imager for Elementor imager-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Imager for Elementor: from n/a through = 2.0.4...

5.4CVSS5.9AI score0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 1:10 p.m.3 views

CVE-2025-68578 WordPress Addonify plugin <= 2.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Addonify: from n/a through = 2.0.4...

5.3CVSS6.6AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2025/09/12 9:25 p.m.24 views

CVE-2025-10176

The CVE-2025-10176 entry concerns The Hack Repair Guy's Plugin Archiver for WordPress, with ARBITRARY FILE DELETION in prepare_items across versions up to 2.0.4. The issue arises from insufficient file path validation, enabling authenticated users with Administrator-level access to delete arbitra...

7.2CVSS7AI score0.0068EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.6 views

PT-2025-37355

Name of the Vulnerable Software and Affected Versions: The Hack Repair Guy's Plugin Archiver plugin for WordPress versions up to and including 2.0.4 Description: The Plugin Archiver plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the...

7.2CVSS7AI score0.0068EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 10:44 p.m.5 views

CVE-2022-29358

epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in parsespecialtag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted XML file...

5.5CVSS7.3AI score0.00568EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/04 3:58 p.m.6 views

CVE-2025-32120 WordPress Easy Query – WP Query Builder plugin <= 2.0.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edanzer Easy Query – WP Query Builder easy-query allows Blind SQL Injection.This issue affects Easy Query – WP Query Builder: from n/a through = 2.0.4...

7.6CVSS8.9AI score0.00548EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.5 views

PT-2025-1784 · WordPress · Woocommerce Check Pincode/Zipcode For Shipping Plugin

Name of the Vulnerable Software and Affected Versions: Woocommerce check pincode/zipcode for shipping plugin for WordPress versions up to, and including, 2.0.4 Description: The issue is due to missing or incorrect nonce validation, making it possible for unauthenticated attackers to inject...

6.1CVSS6.7AI score0.00185EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.6 views

WordPress plugin Themify Audio Dock 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS7.7AI score0.00279EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.3 views

PT-2024-27404 · Kodezen Limited · Academy Lms

Name of the Vulnerable Software and Affected Versions: Academy LMS versions 2.0.4 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, in Kodezen Limited Academy LMS. This vulnerability allows for redirection to...

3.5CVSS6.8AI score0.0027EPSS
Exploits0References6
OSV
OSV
added 2023/01/12 7:15 p.m.4 views

UBUNTU-CVE-2022-4743

A potential memory leak issue was discovered in SDL2 in GLESCreateTexture function in SDLrendergles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected...

7.5CVSS7.1AI score0.01265EPSS
Exploits0References4
PyPA
PyPA
added 2021/10/15 3:15 p.m.6 views

PYSEC-2021-380

Ops CLI version 2.0.4 and earlier is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkoutrepo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine...

10CVSS8.2AI score0.09219EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/08/13 12:0 a.m.2 views

PHP Scripts Mall hotel-booking-script Denial of Service Vulnerability

PHP Scripts Mall hotel-booking-script is a hotel booking system script by PHP Scripts Mall India, which includes features like advanced CMS management, review management and booking management. A denial of service vulnerability exists in PHP Scripts Mall hotel-booking-script version 2.0.4, which...

6.5CVSS6.6AI score0.01138EPSS
Exploits1References1
securityvulns
securityvulns
added 2004/07/15 12:0 a.m.24 views

[Full-Disclosure] XSS in Board Power forum

Programm: Board Power forum v2.04 PF Autor: Ivan Zhdanov CRITICAL: Low Exploit: http://target/cgi-bin/boardpower/icq.cgi?action=scriptjavascript:alert 'hello';/script URL: http://www.thewebmasterforums.com ...... Maxpatrol - Professional Network Security Scanner www.maxpatrol.com. Full-Disclosure...

Exploits0
Rows per page
Query Builder