30232 matches found
CVE-2026-15410
Post-authentication improper control of generation of code 'Code Injection' vulnerability has been identified in the SMA1000 Appliance Management Console AMC which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands...
CVE-2026-15410
Post-authentication improper control of generation of code 'Code Injection' vulnerability has been identified in the SMA1000 Appliance Management Console AMC which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands...
CVE-2026-15410
CVE-2026-15410 affects SonicWall SMA1000 Appliance Management Console (AMC). It is a post-authentication code-injection vulnerability that, under certain conditions, could allow a remote authenticated administrator to execute arbitrary OS commands. Root cause: improper control of generation of co...
CVE-2025-15665
The CVE-2025-15665 affects the Ultimate Before After Image Slider & Gallery WordPress plugin prior to version 4.7.1. The BEAF Slider widget shortcode field is not escaped before output, as its value is passed through do_shortcode and echoed verbatim. This allows users with administrator-level acc...
CVE-2025-15665 BEAF < 4.7.1 - Admin+ Stored XSS via Widget Shortcode Field
The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider widget's shortcode field before outputting it on the front end the value is passed through doshortcode, which echoes non-shortcode content verbatim, allowing users with...
SonicWall SMA1000 Appliances Code Injection Vulnerability
SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands...
CVE-2026-58409 ChurchCRM: Authenticated Remote Code Execution (RCE) via Malicious Plugin Upload
ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution RCE on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The application explicitly includes 'php' in its ALLOWEDEXTENSIO...
CVE-2026-58409 ChurchCRM: Authenticated Remote Code Execution (RCE) via Malicious Plugin Upload
ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution RCE on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The application explicitly includes 'php' in its ALLOWEDEXTENSIO...
CVE-2026-61463
CVE-2026-61463 : Shiori contains a privilege escalation in the account update endpoint. An authenticated user can modify the owner field without authorization checks by submitting a crafted PATCH request with owner: true, then re-authenticate to obtain an admin JWT token that grants full system a...
CVE-2026-61463 Shiori Authenticated Privilege Escalation via PATCH /api/v1/auth/account
Shiori contains a privilege escalation vulnerability in the account update endpoint that allows authenticated users to modify the owner field without authorization checks. Attackers can escalate to administrator by submitting a crafted PATCH request with owner: true, then re-authenticate to obtai...
CVE-2026-61501 Rejetto HFS < 3.2.1 Stored XSS in Admin Log Viewer
Rejetto HFS 3.0.0 through 3.2.0 renders log entries in the administration panel as HTML without sanitization. A remote unauthenticated attacker can submit a failed login with a crafted username that is written to the error log and executes JavaScript in an administrator's browser when the logs ar...
EUVD-2026-43289
The Tutor LMS WordPress plugin before 3.9.13 does not verify that the requesting user is allowed to edit a target post before overwriting it in one of its content-builder save handlers, authorizing the request only against an unrelated identifier, allowing authenticated users with instructor-leve...
CVE-2026-15540
A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...
CVE-2026-12274 Tutor LMS < 3.9.13 - Instructor+ Arbitrary Post Overwrite via IDOR
The Tutor LMS WordPress plugin before 3.9.13 does not verify that the requesting user is allowed to edit a target post before overwriting it in one of its content-builder save handlers, authorizing the request only against an unrelated identifier, allowing authenticated users with instructor-leve...
EUVD-2026-43236
LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...
CVE-2026-15479
A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function changepasswd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...
PT-2026-57560
Name of the Vulnerable Software and Affected Versions LuCI affected versions not specified Description LuCI fails to properly encode DHCPv6 lease hostnames before rendering them in status tables. This allows attackers on the same network to inject HTML markup by sending a DHCPv6 Client FQDN...
CVE-2026-1359
The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the genolvesetOpt function in all versions up to, and including, 5.0.5. This makes it possible for authenticated attackers, with Contributor-leve...
EUVD-2026-43166
The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the genolvesetOpt function in all versions up to, and including, 5.0.5. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2026-15155
The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Authenticated Account Takeover via Email Header Injection in all versions up to, and including, 6.6.10 This is due to insufficient server-side validation of a Login/Register widget...