Lucene search
K

10000 matches found

Nuclei
Nuclei
added yesterday42 views

Frappe Framework < 16.15.0 - Arbitrary File Read via render_include Path Traversal

Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above. id: CVE-2026-39352 info: name: Frappe Framework 16.15.0 - Arbitrary File...

8.7CVSS6.1AI score0.01279EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday62 views

NocoBase - SQL Injection

NocoBase @nocobase/plugin-collection-sql versions prior to 2.0.39 are vulnerable to SQL injection via the sqlCollection:update endpoint. The checkSQL function, which blocks dangerous SQL keywords and ensures only SELECT statements are allowed, is not called during collection updates. id:...

7.2CVSS6.1AI score0.01833EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday14 views

Group-Office < 26.0.5 - Remote Code Execution

Group-Office before versions 6.8.150, 25.0.82, and 26.0.5 is vulnerable to remote code execution via OS command injection. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmpfile into an exec call. By injecting shell metacharacters into...

9.4CVSS6.7AI score0.18536EPSS
Exploits2References4
EUVD
EUVD
added yesterday6 views

EUVD-2026-43126

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the gettypetemplate function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

7.5CVSS6.5AI score0.00324EPSS
Exploits0References7
EUVD
EUVD
added yesterday5 views

EUVD-2026-43127

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

6.5CVSS6.1AI score0.00294EPSS
Exploits0References8
CVE
CVE
added yesterday6 views

CVE-2026-15072

The CVE-2026-15072 entry concerns the KiviCare – Clinic & Patient Management System (EHR) WordPress plugin, affected up to version 4.5.0. It describes a SQL Injection in the KCQueryBuilder via the 'orderby' parameter due to insufficient escaping and inadequate query preparation. Exploitation requ...

6.5CVSS6.1AI score0.00294EPSS
Exploits0References8
CVE
CVE
added yesterday8 views

CVE-2026-15073

KiviCare – Clinic & Patient Management System (WordPress)

6.5CVSS6.1AI score0.0026EPSS
Exploits0References5
CVE
CVE
added yesterday11 views

CVE-2026-11426

CVE-2026-11426 concerns the UnderConstructionPage PRO plugin for WordPress. The vulnerability, present in all versions up to 5.76, allows Arbitrary File Read via the template_thumbnail parameter, where local file paths are copied into a publicly accessible uploads file. This permits authenticated...

6.5CVSS6.2AI score0.00308EPSS
Exploits0References2
CVE
CVE
added 2 days ago5 views

CVE-2026-57230

OpenReplay (self-hosted session replay) prior to 1.27.0 is affected by an authenticated SQL injection in the session search and analytics API for enterprise editions with multi-tenancy enabled. The vulnerability arises from building ClickHouse queries by inserting user input into the query string...

5.4CVSS6.1AI score0.00207EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-42993

The DataInjection plugin for GLPI 2.15.6 GLPI 11 builds concatenates user-supplied CSV field values directly into SQL queries during CSV import, without parameterization or escaping, resulting in authenticated SQL injection. An authenticated user with access to the Data injection feature can embe...

7.1CVSS6.1AI score0.00314EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-42983

Snipe-IT is an IT asset/license management system. Prior to 8.5.0, ActionlogController::displaySig concatenates the route filename parameter into a private upload-directory path without sanitization, allowing an authenticated attacker to traverse outside the intended directory and read arbitrary...

7.1CVSS6.2AI score0.00329EPSS
Exploits0References4
NVD
NVD
added 2 days ago5 views

CVE-2026-61456

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS0.00141EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-54149

MaxKB is affected by CVE-2026-54149 prior to version 2.10.0-lts. The vulnerability resides in tool import validation (apps/tools/serializers/tool.py) and MCP referencing mode (apps/application/chat_pipeline/step/chat_step/impl/base_chat_step.py), where MCP transport type is not consistently valid...

8.8CVSS6.2AI score0.00384EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57961 phpMyFAQ - Authenticated Path Traversal in PDF Export via concatenatePaths Function

phpMyFAQ before 4.1.5 contains a potential authenticated path traversal vulnerability in the concatenatePaths function within src/phpMyFAQ/Export/Pdf/Wrapper.php. A user with FAQ editing privileges can store HTML containing crafted image paths that are processed during PDF generation. The path...

5.1CVSS0.0027EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-13010

The CVE-2026-13010 entry concerns the JoomSport plugin for WordPress (Team & League, Football, Hockey & more). Affected versions: all up to and including 5.7.9. Vulnerability type: time-based SQL Injection via the 'event' shortcode attribute, caused by insufficient escaping of the user-supplied p...

6.5CVSS6.1AI score0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-13010 JoomSport <= 5.7.9 - Authenticated (Contributor+) SQL Injection via 'event' Shortcode Attribute

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to time-based SQL Injection via 'event' Shortcode Attribute in all versions up to, and including, 5.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS0.00254EPSS
Exploits0References4
CVE
CVE
added 2 days ago4 views

CVE-2026-12400

FlowForms (WordPress plugin)

4.3CVSS6.1AI score0.00226EPSS
Exploits1References8
CVE
CVE
added 2 days ago6 views

CVE-2026-3907

The CVE records CVE-2026-3907 for the WordPress Hostel plugin (versions

6.4CVSS6.2AI score0.00206EPSS
Exploits0References8
CVE
CVE
added 2 days ago9 views

CVE-2026-15104

Summary: CVE-2026-15104 affects the WordPress plugin “BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot” up to version 4.6.0. The vulnerability is a generic SQL Injection via the ‘lang’ parameter, caused by insufficient escaping of user input and lack of proper preparat...

6.5CVSS6.1AI score0.0026EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-15104 BetterDocs <= 4.6.0 - Authenticated (Custom+) SQL Injection via 'lang' Parameter

The BetterDocs – AI Documentation, Knowledge Base, Docs, Wikis, FAQ with Chatbot plugin for WordPress is vulnerable to generic SQL Injection via the 'lang' parameter in all versions up to, and including, 4.6.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...

6.5CVSS0.0026EPSS
Exploits0References5
Rows per page
Query Builder