5068385 matches found
CVE-2026-16203
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /forCYS.php. Such manipulation of the argument course leads to cross site scripting. The attack may be performed from remote. The exploit is...
CVE-2026-16202
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /CYS.php. This manipulation of the argument course causes cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-16206 django-oauth django-oauth-toolkit oauth2_validators.py _load_id_token session expiration
A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function loadidtoken of the file oauth2provider/oauth2validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the...
CVE-2026-16206 django-oauth django-oauth-toolkit oauth2_validators.py _load_id_token session expiration
A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function loadidtoken of the file oauth2provider/oauth2validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the...
CVE-2026-16205 Pluck CMS Albums albums.admin.php htmlspecialchars_decode cross site scripting
A weakness has been identified in Pluck CMS up to 4.7.21. This vulnerability affects the function htmlspecialcharsdecode of the file data/modules/albums/albums.admin.php of the component Albums Module. Executing a manipulation of the argument Info can lead to cross site scripting. It is possible ...
CVE-2026-16205 Pluck CMS Albums albums.admin.php htmlspecialchars_decode cross site scripting
A weakness has been identified in Pluck CMS up to 4.7.21. This vulnerability affects the function htmlspecialcharsdecode of the file data/modules/albums/albums.admin.php of the component Albums Module. Executing a manipulation of the argument Info can lead to cross site scripting. It is possible ...
CVE-2026-16204 zevorn rt-claw Telegram-to-AI Tool Execution Flow script.c tool_run_script_execute code injection
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function toolrunscriptexecute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attac...
CVE-2026-16204 zevorn rt-claw Telegram-to-AI Tool Execution Flow script.c tool_run_script_execute code injection
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function toolrunscriptexecute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attac...
CVE-2026-16203
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /forCYS.php. Such manipulation of the argument course leads to cross site scripting. The attack may be performed from remote. The exploit is...
CVE-2026-16203 SourceCodester Class and Exam Timetabling System forCYS.php cross site scripting
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /forCYS.php. Such manipulation of the argument course leads to cross site scripting. The attack may be performed from remote. The exploit is...
CVE-2026-16201
A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function clawnetget/clawnetpost of the file claw/services/tools/net.c of the component httprequest. The manipulation results in information disclosure. The attack can be executed remotely. The exploit has been made public an...
CVE-2026-16200
A vulnerability has been found in zevorn rt-claw up to 0.2.0. This impacts the function clawtoolinvoke of the file claw/services/swarm/swarm.c of the component RPC Handler. The manipulation leads to incorrect authorization. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-16202 SourceCodester Class and Exam Timetabling System CYS.php cross site scripting
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /CYS.php. This manipulation of the argument course causes cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-16202
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /CYS.php. This manipulation of the argument course causes cross site scripting. The attack is possible to be carried out remotely. The...
wp2shell
WP2Shell - WordPress REST API Exploitation Framework Automate...
CVE-2026-16201
A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function clawnetget/clawnetpost of the file claw/services/tools/net.c of the component httprequest. The manipulation results in information disclosure. The attack can be executed remotely. The exploit has been made public an...
CVE-2026-16201 zevorn rt-claw http_request net.c claw_net_post information disclosure
A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function clawnetget/clawnetpost of the file claw/services/tools/net.c of the component httprequest. The manipulation results in information disclosure. The attack can be executed remotely. The exploit has been made public an...
EUVD-2026-45412
A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function clawnetget/clawnetpost of the file claw/services/tools/net.c of the component httprequest. The manipulation results in information disclosure. The attack can be executed remotely. The exploit has been made public an...
EUVD-2026-45408
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. The affected element is the function handleMessageReceive of the file pkg/channels/feishu/feishu64.go of the component Group Message Handler. Such manipulation leads to missing authorization. The attack can be launched...
EUVD-2026-45407
A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Impacted is the function isPrivateOrRestrictedIP of the file pkg/tools/integration/web.go of the component webfetch. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been made...