Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2026/04/30 10:0 p.m.5 views

CVE-2026-7505 nextlevelbuilder GoClaw/GoClaw Lite RPC improper authorization

A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version...

7.5CVSS6.7AI score0.00381EPSS
Exploits0References8
CVE
CVE
added 2026/04/30 10:0 p.m.10 views

CVE-2026-7505

The CVE-2026-7505 flaw affects nextlevelbuilder GoClaw and GoClaw Lite (up to v3.8.5) in an RPC Handler function, enabling improper authorization that could be exploited remotely. The issue has been assigned a Proof-of-Concept maturity with remote attack potential; upgrading to v3.9.0 is the offi...

7.5CVSS7AI score0.00381EPSS
Exploits0References8
EUVD
EUVD
added 2026/03/07 9:30 a.m.6 views

EUVD-2026-10140

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

5.8AI score0.01177EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/07 8:51 a.m.28 views

CVE-2026-24308 Apache ZooKeeper: Sensitive information disclosure in client configuration handling

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...

0.01177EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.11 views

Apache Zookeeper 安全漏洞

Apache Zookeeper is a software project of the Apache Foundation in the United States. It provides open-source distributed configuration services, synchronization services, and naming and registration functions for large-scale distributed computing systems. Versions 3.8.5 and 3.9.4 of Apache...

7.5CVSS7.1AI score0.01177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.4 views

PT-2024-23403 · WordPress · Wordpress Announcement & Notification Banner Plugin – Bulletin

Name of the Vulnerable Software and Affected Versions: WordPress Announcement & Notification Banner Plugin – Bulletin versions 3.8.5 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allo...

7.6CVSS9.9AI score0.00574EPSS
Exploits0References7
CNVD
CNVD
added 2019/07/29 12:0 a.m.5 views

WordPress Simple Membership plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Simple Membership plugin is used in one of the website membership plugin. A cross-site request forgery vulnerability exists in the Bulk...

8.8CVSS6.7AI score0.0315EPSS
Exploits6References1
CNVD
CNVD
added 2018/03/15 12:0 a.m.4 views

Joomla! SQL Injection Vulnerability (CNVD-2018-06458)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A SQL injection vulnerability exists in the user comments list view in Joomla!...

8.8CVSS7.9AI score0.29245EPSS
Exploits2References1
Rows per page
Query Builder