wpForo Forum <= 2.4.14 - SQL Injection

wpForo Forum WordPress plugin = 2.4.14 contains a time-based SQL injection caused by insufficient escaping of the 'wpfob' parameter, letting unauthenticated attackers extract sensitive database information. id: CVE-2026-1581 info: name: wpForo Forum = 2.4.14 - SQL Injection author: Shivam Kamboj...

Exploit for CVE-2026-1581

CVE-2026-1581 — wpForo Forum GET'wpfob' → wpforosanitiz...

CVE-2026-1581

creationtimestamp| type| source ---|---|--- 2026-02-19 18:02:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa6hbbmcp2c 2026-02-19 18:02:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa6i6d5fm2x 2026-02-24 21:02:29+00:00| seen|...

MiracleLinux 4 : firefox-31.2.0-3.0.1.AXS4 (AXSA:2014-595:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-595:06 advisory. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed wi...

Linux Distros Unpatched Vulnerability : CVE-2003-1581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HT...

CVE-2022-1581

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

CVE-2010-1581

Unspecified vulnerability in the Transport Layer Security TLS implementation on Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.2 before 7.25, 8.0 before 8.05.15, 8.1 before 8.12.44, 8.2 before 8.22.17, and 8.3 before 8.31.6 and Cisco PIX Security Appliances 500 series...

CVE-2022-1581

creationtimestamp| type| source ---|---|--- 2025-04-30 15:13:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14065...

CVE-2025-1581

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

CVE-2025-1581

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

CVE-2025-1581 PHPGurukul Online Nurse Hiring System book-nurse.php sql injection

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

CVE-2025-1581 PHPGurukul Online Nurse Hiring System book-nurse.php sql injection

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

Rocky Linux 8 : sqlite (RLSA-2021:1581)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1581 advisory. - SQLite through 3.32.0 has an integer overflow in sqlite3strvappendf in printf.c. CVE-2020-13434 - In SQLite before 3.32.3, select.c mishandles...

Oracle Linux 6 : ruby (ELSA-2011-1581)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1581 advisory. - Update to Ruby 1.8.7-p352. Remove Patch43: ruby-1.8.7-CVE-2011-1004.patch; subsumed Remove Patch44: ruby-1.8.7-CVE-2011-1005.patch; subsumed Remove...

Oracle Linux 8 : wavpack (ELSA-2020-1581)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1581 advisory. - CVE-2018-19841 - CVE-2019-1010317 - CVE-2019-1010315 - CVE-2019-11498 - CVE-2018-19840 Tenable has extracted the preceding description block directly...

CVE-2022-1581 WP-Polls < 2.76.0 - IP Validation Bypass

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

CVE-2022-1581

CVE-2022-1581 affects the WordPress plugin WP-Polls prior to version 2.76.0. The vulnerability arises because the plugin prioritizes the visitor’s IP taken from certain HTTP headers over PHP’s REMOTE_ADDR, enabling bypass of IP-based voting restrictions in certain scenarios. According to connecte...

CVE-2022-1581 WP-Polls < 2.76.0 - IP Validation Bypass

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

Amazon Linux AMI : kernel (ALAS-2022-1581)

The version of kernel installed on the remote host is prior to 4.14.275-142.503. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1581 advisory. A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user to...

AlmaLinux 8 : wavpack (ALSA-2020:1581)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1581 advisory. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion...