CVE-2022-26332

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field...

CVE-2017-18577

The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of addqueryarg...

CVE-2026-0701

A vulnerability was identified in code-projects Intern Membership Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /intern/admin/addadmin.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

CVE-2020-7630

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument...

CVE-2020-12320

Uncontrolled search path in IntelR SCS Add-on for Microsoft SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-10484

CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request...

CVE-2020-10398

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-template.php by adding a question mark ? followed by the payload...

CVE-2020-10395

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-group.php by adding a question mark ? followed by the payload...

CVE-2024-41349

unmark 1.9.2 is vulnerable to Cross Site Scripting XSS via application/views/marks/addbyurl.php...

CVE-2023-50873

Cross-Site Request Forgery CSRF vulnerability in Marios Alexandrou Add Any Extension to Pages.This issue affects Add Any Extension to Pages: from n/a through 1.4...

CVE-2023-49153

Cross-Site Request Forgery CSRF vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a through 2.0...

CVE-2023-4712

A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...

CVE-2023-4868

A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...

CVE-2023-4872

A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The explo...

CVE-2022-26512

Uncontrolled search path element in the IntelR FPGA Add-on for IntelR oneAPI Base Toolkit before version 2022.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-49777

Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product Add-Ons.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.3.0...

CVE-2023-45338

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the routers/add-ticket.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2025-23623

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahesh Bisen Contact Form 7 – CCAvenue Add-on cf7-cc-avenue-add-on allows Reflected XSS.This issue affects Contact Form 7 – CCAvenue Add-on: from n/a through = 1.0...

CVE-2025-23655

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crystalwebpro Contact Form 7 – Paystack Add-on cf7-paystack-add-on allows Reflected XSS.This issue affects Contact Form 7 – Paystack Add-on: from n/a through = 1.2.3...

CVE-2025-23471

Cross-Site Request Forgery CSRF vulnerability in etemplates ECT Add to Cart Button ect-add-to-cart-button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through = 1.4...