CVE-2026-1800

creationtimestamp| type| source ---|---|--- 2026-03-21 20:01:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhlt3xhcei26...

CVE-2026-1800

The CVE-2026-1800 entry concerns The Fonts Manager | Custom Fonts plugin for WordPress. A time-based SQL Injection affects all versions up to 1.2 via the fmcfIdSelectedFnt parameter, caused by insufficient escaping of user input and lack of proper SQL query preparation. This allows unauthenticate...

WhatWeb Scanner 0.6.3

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...

EUVD-2007-3425

Malware in sbrugna...

EUVD-2015-6278

Malware in sbrugna...

EUVD-2004-0673

Malware in sbrugna...

EUVD-2015-6309

Malware in sbrugna...

EUVD-2015-6262

Malware in sbrugna...

EUVD-2002-0535

Malware in sbrugna...

EUVD-2023-47740

Malicious code in bioql PyPI...

CVE-2014-1800

creationtimestamp| type| source ---|---|--- 2025-08-31 03:13:05+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...

CVE-2022-1800

The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability...

CVE-2021-1800

A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode...

CVE-2020-1800

HUAWEI smartphones P30 with versions earlier than 10.0.0.185C00E85R1P11 have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful explo...

CVE-2010-1800

CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses...

CVE-2009-1800

Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of...

CVE-2025-1800

creationtimestamp| type| source ---|---|--- 2025-03-01 18:31:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6079 2025-03-01 20:02:20+00:00| seen| https://t.me/cvedetector/19241 2025-03-02 11:47:00+00:00| seen| Telegram/v7YHZFaV2MLD66W6EbQC64cm1CdvwdicdpBTZJmZn3zVR...

CVE-2025-1800 D-Link DAR-7000 HTTP POST Request sxh_vpnlic.php get_ip_addr_details command injection

A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function getipaddrdetails of the file /view/vpn/sxhvpn/sxhvpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument ethname leads to command injection. Th...

ZTE ZXR10多款产品 安全漏洞

ZTE ZXR10 1800-2S and others are a wireless router from ZTE Corporation ZTE, China. A security vulnerability exists in various ZTE ZXR10 products, which stems from improper privilege management. The following products and versions are affected: ZTE ZXR10 1800-2S version V4.00.10 and prior version...

Telerik Report Server Auth Bypass and Deserialization RCE

This module chains an authentication bypass vulnerability CVE-2024-4358 with a deserialization vulnerability CVE-2024-1800 to obtain remote code execution against Telerik Report Server version 10.0.24.130 and prior. The authentication bypass flaw allows an unauthenticated user to create a new use...