Exploit for Improper Authentication in Influxdata Influxdb

LAB 5-CVE-2019-20933 I. SYSTEM ANALYSIS Identify...

WordPress Genemy theme <= 1.6.6 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Genemy versions = 1.6.6...

WordPress Genemy theme <= 1.6.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Genemy versions = 1.6.6...

Astra Linux - уязвимость в containerd

Containerd is an open-source container runtime. A bug was discovered in the CRI implementation of Containerd, where programs within a container can cause the Containerd daemon to consume memory indefinitely during the invocation of the ExecSync API. This can result in Containerd consuming all...

WordPress Embedder for Google Reviews plugin <= 1.6.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Embedder for Google Reviews versions = 1.6.6...

CVE-2026-25396

Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through = 1.6.6...

CVE-2026-26001

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...

EUVD-2026-15707

Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through = 1.6.6...

CVE-2026-25396

Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through = 1.6.6...

CVE-2026-25396 WordPress Commerce Coinbase For WooCommerce plugin <= 1.6.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Commerce Coinbase For WooCommerce: from n/a through = 1.6.6...

CVE-2026-25396

The CVE-2026-25396 entry concerns a Missing Authorization vulnerability in the WordPress plugin CoderPress Commerce Coinbase For WooCommerce (commerce-coinbase-for-woocommerce). Affected versions are through 1.6.6, where an incorrectly configured access-control mechanism allows exploitation of ac...

WordPress Commerce Coinbase For WooCommerce plugin <= 1.6.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Commerce Coinbase For WooCommerce versions = 1.6.6...

CVE-2026-26001

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...

GLPI Inventory Plugin SQL注入漏洞

GLPI Inventory Plugin is an open-source plugin developed by French company GLPI. It is used to process various types of tasks for the GLPI agent. Versions of the GLPI Inventory Plugin prior to 1.6.6 contained a SQL injection vulnerability, which stems from improper handling of user input,...

CVE-2026-26001 GLPI Inventory Plugin has SQL Injection on dropdown_calendar Report

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...

EUVD-2026-12671

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...

CVE-2026-26001

CVE-2026-26001 affects the GLPI Inventory Plugin. The vulnerability is an SQL injection in the dropdown_calendar report, caused by non-sanitized user input prior to version 1.6.6. The issue allows an attacker with adequate rights to influence the database query (impacting confidentiality; integri...

CVE-2026-26001 GLPI Inventory Plugin has SQL Injection on dropdown_calendar Report

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...

CVE-2026-26001 GLPI Inventory Plugin has SQL Injection on dropdown_calendar Report

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...

PT-2026-25960

Name of the Vulnerable Software and Affected Versions GLPI Inventory Plugin versions prior to 1.6.6 Description The GLPI Inventory Plugin manages network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to version 1.6.6, unsanitized user input could lead to an...