57 matches found
CVE-2026-7816
A flaw was found in pgadmin4. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve arbitrary command execution on the pgAdmin server, or "...
jupyter-pgadmin-proxy (>=0.0.1 <=0.0.4) potentially affected by CVE-2026-7816 via pgadmin4 (=9.14.0)
pgadmin4 PYPI version =9.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on pgadmin4 and may be impacted: - jupyter-pgadmin-proxy =0.0.1, =0.0.4 Source cves: CVE-2026-7816 Source advisory: OSV:GHSA-J74F-G7VX-FH4X...
CVE-2026-7816
creationtimestamp | type | source
---|---|---
2026-05-11 16:35:29+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mllpeiqf6e2t
2026-05-26 19:07:08+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mmrotseyvx2u...
CVE-2026-7816
OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...
CVE-2019-7816
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2025-7816
creationtimestamp | type | source
---|---|---
2025-07-19 15:27:48+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ludblco4lg2o
2025-07-22 03:54:24+00:00 | seen | MISP/a3c5beab-b790-4171-8b4c-02c8a9678071
2025-09-09 11:53:42+00:00 | seen | MISP/a3c5beab-b790-4171-8b4c-02c8a9678071...
CVE-2025-7816
A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown function of the file /visitor-detail.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scriptin...
CVE-2025-7816 PHPGurukul Apartment Visitors Management System HTTP POST Request visitor-detail.php cross site scripting
A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown function of the file /visitor-detail.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scriptin...
CVE-2025-7816
CVE-2025-7816 affects PHPGurukul Apartment Visitors Management System 1.0. The reported issue is a cross-site scripting vulnerability in the HTTP POST Request Handler, specifically the /visitor-detail.php file where the visname parameter can be manipulated to inject arbitrary scripts. The vulnera...
CVE-2024-7816
The Gixaw Chat WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-7816 Gixaw Chat <= 1.0 - Stored XSS via CSRF
The Gixaw Chat WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
WordPress Gixaw Chat Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Gixaw Chat; Type: Plugin; Vulnerable versions: = 1.0; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery CSRF; CVE: CVE-2024-7816; Patch priority: Low; CVSS severity: Low 7.1; Developer: Claim ownership; PSID: aa72a581011b; Credits: Daniel Ruf; Required privilege...
Bkav Home Information Disclosure Vulnerability
Bkav Home is an electronic security software from Bkav Inc. An information disclosure vulnerability exists in Bkav Home v7816 build 2403161130, which originates from a vulnerability that allows an attacker to cause an information disclosure by triggering the 0x222240 IOCTL code in the BkavSDFlt.s...
WordPress Royal Elementor Addons RCE
Exploit for the unauthenticated file upload vulnerability in WordPress Royal Elementor Addons and Templates plugin use exploit/multi/http/wproyalelementoraddonsrce msf exploitwproyalelementoraddonsrce show targets ...targets... msf exploitwproyalelementoraddonsrce set TARGET msf...
co.paralleluniverse:comsat-actors-undertow (=0.1.0), com.github.wuic:wuic-test (>=0.5.0 <=0.5.2.RC6) +86 more potentially affected by CVE-2014-7816 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=1.0.16.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =0.5.0, =1.0, =0.4.1, =0.4.1, =1.0.0.CR1, =1.0.0.Alpha1, =1.0.0.Alpha1, =1.0.0.Alpha1, =1.0.0, =0.3.0.CR1, =0.5.0.Final - org.jboss.arquillian.container:shrinkwrap-container-undertow =1.0.0.Alpha2 and more Source cves: CVE-2014-7816 Source...
com.sksamuel.scruffy:scruffy-integrationtest_2.11 (=1.12.0), com.sksamuel.scruffy:scruffy-undertow_2.11 (>=1.9.0 <=1.12.0) +39 more potentially affected by CVE-2014-7816 via io.undertow:undertow-core (>=1.2.0.Beta1 <=1.2.0.Beta2)
io.undertow:undertow-core MAVEN version =1.2.0.Beta1, =1.9.0, =1.0.0.Alpha1, =1.2.0.Beta1, =1.2.0.Beta1, =1.2.0.Beta1, =0.5.1, =0.5.1, =1.0.0.Beta1, =1.0.0.Alpha9, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta1, =1.0.0.Beta4 and more Source cves: CVE-2014-7816 Source advisor...
co.paralleluniverse:comsat-test-utils (=0.2.0), io.undertow:undertow-http2-test-suite (>=1.1.0.Beta7 <=1.1.0.Beta8) +4 more potentially affected by CVE-2014-7816 via io.undertow:undertow-core (>=1.1.0.Beta1 <=1.1.0.CR4)
io.undertow:undertow-core MAVEN version =1.1.0.Beta1, =1.1.0.Beta7, =1.1.0.Beta1, =1.1.0.Beta1, =1.0.0.Alpha1, =1.0.0.Alpha8 Source cves: CVE-2014-7816 Source advisory: OSV:GHSA-H6P6-FC4W-CQHX...
Mozilla Firefox Security Advisory (MFSA2017-21) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2020-7816
CVE-2020-7816 affects the JPEG image parsing module in DaView Indy, DaVa+, and DaOffice. The root cause is a stack overflow read, enabling an unauthenticated, remote attacker to cause arbitrary code execution on an affected device. Exploitation path described in the sources involves sending a cra...