CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22629 – WordPress iNET Webkit Plugin <= 1.2.2 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2025-22629
11 Feb 2025 — Missing Authorization vulnerability in iNET iNET Webkit allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects iNET Webkit: from n/a through 1.2.2. The iNET Webkit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to perform an unauthorized action. • https://patchstack.com/database/wordpress/plugin/inet-webkit/vulnerability/wordpress-inet-webkit-plugin-1-2-2-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2009-0292 – SHOP-INET 4 - 'grid' SQL Injection
https://notcve.org/view.php?id=CVE-2009-0292
27 Jan 2009 — SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. Vulnerabilidad de inyección SQL en el archivo show_cat2.php en SHOP-INET 4, permite a los atacantes remotos ejecutar arbitrariamente comandos SQL a través del parámetro grid. • https://www.exploit-db.com/exploits/7874 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1CVE-1999-0023 – BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
https://notcve.org/view.php?id=CVE-1999-0023
24 Jul 1996 — Local user gains root privileges via buffer overflow in rdist, via lookup() function. • https://www.exploit-db.com/exploits/19106 •