Lucene search

1303 matches found

Snyk
added 2026/03/31 2:30 a.m. · 0 views

Directory Traversal

Overview: baserproject/basercms is a content management system based on CakePHP. Affected versions of this package are vulnerable to Directory Traversal via the theme file management API when an authenticated administrator supplies crafted input to the path parameter. An attacker can write arbitra...

CVSS 8.6 · AI score 6.7 · EPSS 0.01049
Exploits 1 · References 2

NVD
added 2026/03/31 1:16 a.m. · 2 views

CVE-2026-21861

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlled input that is...

CVSS 9.1 · EPSS 0.02282
Exploits 1 · References 3

CVE
added 2026/03/31 12:45 a.m. · 16 views

CVE-2026-30940

CVE-2026-30940 affects baserCMS prior to version 5.2.3. A path traversal flaw exists in the theme file management API at /baser/api/admin/bc-theme-file/theme_files/add.json, allowing an authenticated administrator to inject ../ sequences in the path and create a PHP file outside the theme directo...

CVSS 7.2 · AI score 6.5 · EPSS 0.01049
Exploits 1 · References 3 · Affected Software 1

CVE
added 2026/03/31 12:43 a.m. · 12 views

CVE-2026-21861

baserCMS prior to version 5.2.3 contains an OS command injection in the core update functionality. An authenticated administrator can pass user-controlled input to exec() without proper validation/escaping, allowing arbitrary OS command execution on the server. The issue is fixed in version 5.2.3...

CVSS 9.1 · AI score 6.1 · EPSS 0.02282
Exploits 1 · References 3 · Affected Software 1
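The two CVE-2026-21861 entries above describe one bug class: an admin-supplied value reaching exec() with no validation or escaping. The following is an added example, not baserCMS code, that reproduces the pattern in Python against a hypothetical "update" step that only echoes the requested version. The version-string allowlist, the marker-file payload and the echo step are constructed for the illustration; the point is shell string versus argv list.

```python
"""Added example (not baserCMS code): the exec()-on-admin-input bug class behind
the CVE-2026-21861 entries, reproduced in Python. The 'update step' is a
hypothetical stand-in that just echoes the requested version."""
import os
import re
import subprocess
import sys
import tempfile

# Only shapes like 5.2.3 are legitimate update targets (allowlist, not denylist).
VERSION_RE = re.compile(r"^\d+\.\d+\.\d+$")


def run_update_unsafe(version: str) -> str:
    """Vulnerable pattern: admin input is interpolated into a shell command line,
    so ';', '|', '$(...)' and friends become additional commands."""
    cmd = f"echo updating to {version}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_update_safe(version: str) -> str:
    """Hardened pattern: validate against the expected shape, then pass the value
    as a single argv element with no shell, so it can only ever be data."""
    if not VERSION_RE.fullmatch(version):
        raise ValueError(f"rejected version string: {version!r}")
    argv = [sys.executable, "-c",
            "import sys; print('updating to', sys.argv[1])", version]
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


def demo() -> dict:
    """Feed both paths the same injected 'version' and report what happened."""
    with tempfile.TemporaryDirectory() as workdir:
        marker = os.path.join(workdir, "pwned")
        # Constructed attacker input: a valid-looking version followed by a
        # second shell command that drops a marker file.
        payload = f"5.2.3; echo injected > {marker}"
        unsafe_out = run_update_unsafe(payload)
        unsafe_marker_written = os.path.exists(marker)
        try:
            run_update_safe(payload)
            safe_rejected = False
        except ValueError:
            safe_rejected = True
        safe_out = run_update_safe("5.2.3")
    return {
        "unsafe_output": unsafe_out,
        "unsafe_marker_written": unsafe_marker_written,
        "safe_rejected": safe_rejected,
        "safe_output": safe_out,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The unsafe path prints exactly what the admin expected to see while the injected command runs silently, which is why output-based testing misses this class; the safe path rejects the payload before any process is spawned, and even a value that slipped past the allowlist would arrive in the child as one argument.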

VulnCheck KEV
added 2026/03/30 12:00 a.m. · 10 views

VulnCheck KEV: CVE-2026-35056

XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated but malicious admin users. An attacker with admin panel access can execute arbitrary code on the server...

CVSS 8.6 · AI score 6.7 · EPSS 0.00666
In the wild · Exploits 0 · References 2

Snyk
added 2026/03/27 7:24 p.m. · 2 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection via the MDM bootstrap package configuration. An attacker can modify arbitrary team configurations, exfiltrate sensitive data from the database, and inject arbitrary content into team configurations by sending crafted API...

CVSS 8.8 · AI score 6.1 · EPSS 0.00318
Exploits 0 · References 2
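The Snyk entry above names neither the package nor the endpoint, so the following is a generic added example (not the affected project's code) of the injection shape it describes: API-supplied values spliced into an UPDATE against a team configuration table, used once to overwrite every team and once to pull another team's value into a field the attacker can read back. The team_config schema, its rows and column names are constructed for the example.

```python
"""Added example (not the affected project's code): SQL injection through a
configuration-update call, shown against an in-memory SQLite table whose
schema and rows are constructed for the illustration."""
import sqlite3


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE team_config (
            team_id INTEGER PRIMARY KEY,
            name TEXT NOT NULL,
            bootstrap_package TEXT
        );
        INSERT INTO team_config VALUES (1, 'workstations', 'base.pkg');
        INSERT INTO team_config VALUES (2, 'servers', 'secret-servers.pkg');
        """
    )
    return conn


def set_bootstrap_unsafe(conn, team_id: str, package: str) -> None:
    """Vulnerable: both request values are formatted straight into the statement."""
    sql = (f"UPDATE team_config SET bootstrap_package = '{package}' "
           f"WHERE team_id = {team_id}")
    conn.execute(sql)


def set_bootstrap_safe(conn, team_id: int, package: str) -> None:
    """Hardened: the statement text is fixed; values travel as bound parameters."""
    if not isinstance(team_id, int):          # '1 OR 1=1' never reaches SQL
        raise TypeError("team_id must be an int")
    conn.execute(
        "UPDATE team_config SET bootstrap_package = ? WHERE team_id = ?",
        (package, team_id),
    )


def packages(conn) -> dict:
    return dict(conn.execute("SELECT team_id, bootstrap_package FROM team_config"))


def demo() -> dict:
    out = {}
    # 1. Tamper with every team by breaking out of the WHERE clause.
    conn = open_db()
    set_bootstrap_unsafe(conn, "1 OR 1=1", "evil.pkg")
    out["unsafe_mass_update"] = packages(conn)
    # 2. Exfiltrate: concatenate another team's value into the stored string,
    #    then read it back through the normal configuration view.
    conn = open_db()
    leak = "x' || (SELECT bootstrap_package FROM team_config WHERE team_id = 2) || '"
    set_bootstrap_unsafe(conn, "1", leak)
    out["unsafe_exfil"] = packages(conn)[1]
    # 3. The same inputs against the parameterised version.
    conn = open_db()
    set_bootstrap_safe(conn, 1, leak)          # stored verbatim, never evaluated
    out["safe_literal"] = packages(conn)[1]
    try:
        set_bootstrap_safe(conn, "1 OR 1=1", "evil.pkg")
        out["safe_rejected"] = False
    except TypeError:
        out["safe_rejected"] = True
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Note that stacked queries are not needed for either effect: a boolean in the WHERE clause and string concatenation inside the SET value are enough, which is why "the driver only runs one statement" is not a mitigation.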

CVE
added 2026/03/26 8:47 p.m. · 6 views

CVE-2026-33623

CVE-2026-33623 affects PinchTab (v0.8.4 affected; v0.8.5 patched). Description: Windows-only command injection in the orphaned Chrome cleanup path. When stopping an instance, the cleanup builds a PowerShell -Command string from a needle derived from the profile path. In v0.8.4, backslashes are es...

CVSS 7.2 · AI score 6.2 · EPSS 0.02904
Exploits 1 · References 2 · Affected Software 1

RedhatCVE
added 2026/03/26 3:13 p.m. · 2 views

CVE-2025-48418

A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7,...

CVSS 7.2 · AI score 5.8 · EPSS 0.0052
Exploits 0 · References 1

RedhatCVE
added 2026/03/26 3:08 p.m. · 2 views

CVE-2026-2424

The Reward Video Ad for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6. This is due to insufficient input sanitization and output escaping on plugin settings such as the 'Account ID', 'Message before the...

CVSS 4.4 · AI score 6 · EPSS 0.00245
Exploits 0 · References 1

RedhatCVE
added 2026/03/26 3:06 p.m. · 4 views

CVE-2026-22628

An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...

CVSS 5.3 · AI score 5.9 · EPSS 0.00147
Exploits 0 · References 1

RedhatCVE
added 2026/03/26 3:03 p.m. · 4 views

CVE-2026-29103

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. A critical Remote Code Execution (RCE) vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...

CVSS 9.1 · AI score 6.2 · EPSS 0.00497
Exploits 0 · References 1

RedhatCVE
added 2026/03/26 3:00 p.m. · 3 views

CVE-2026-33226

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In versions up to and including 3.30.6, the REST datasource query preview endpoint POST /api/queries/preview makes server-side HTTP requests to any URL supplied by the user in fields.path with no validation. An...

CVSS 8.7 · AI score 5.9 · EPSS 0.00367
Exploits 1 · References 1
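The CVE-2026-33226 entry describes a preview endpoint that fetches whatever fields.path contains. The following added example (not Budibase code) is the check a practitioner would put in front of such a fetch: scheme allowlist, no credentials in the URL, resolve every record for the host, reject anything internal (including IPv4-mapped IPv6 and link-local metadata addresses), and hand back the pinned addresses so the caller connects to exactly what was checked. The resolver is injectable so the check runs offline; the hostnames and addresses in the usage are constructed.

```python
"""Added example (not Budibase code): validating a user-supplied fetch URL
before a server-side request. Hostnames/addresses used for demonstration are
constructed; the resolver is injectable for offline use."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Ranges ipaddress.is_private does not flag but that are never a valid target
# for a server-side fetch (CGNAT space is commonly used on cloud networks).
EXTRA_BLOCKED = [ipaddress.ip_network("100.64.0.0/10")]


def resolve_all(host: str) -> set[str]:
    """Every address the host currently resolves to. The caller must connect to
    one of these and not resolve again, or DNS rebinding defeats the check."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def _is_internal(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped               # ::ffff:127.0.0.1 is still loopback
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified
            or any(ip in net for net in EXTRA_BLOCKED))


def validate_target(url: str, resolve=resolve_all) -> set[str]:
    """Return the pinned addresses the request may go to, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL are not allowed")
    try:
        addrs = {str(ipaddress.ip_address(host))}   # literal IP: nothing to resolve
    except ValueError:
        addrs = resolve(host)                       # names: take *all* records
    if not addrs:
        raise ValueError(f"cannot resolve {host!r}")
    bad = sorted(a for a in addrs if _is_internal(a))
    if bad:                                          # one internal record fails the host
        raise ValueError(f"{host!r} resolves to internal address(es): {bad}")
    return addrs


def is_allowed(url: str, resolve=resolve_all) -> bool:
    try:
        validate_target(url, resolve)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed DNS view so the example runs without network access.
    fake_dns = {"api.example.com": {"93.184.216.34"},
                "metadata.internal": {"169.254.169.254"}}
    for u in ("https://api.example.com/v1", "http://metadata.internal/",
              "http://[::ffff:127.0.0.1]/", "file:///etc/passwd"):
        print(u, "->", is_allowed(u, resolve=lambda h: fake_dns.get(h, set())))
```

Two design choices matter more than the range list: the check fails if any record is internal (a host with one public and one private A record is the classic rebinding setup), and it returns the addresses it approved so the HTTP client can be pointed at them directly. Redirects must be re-validated hop by hop, since a public host can 302 to 169.254.169.254.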

EUVD
added 2026/03/25 7:51 p.m. · 7 views

EUVD-2026-14492

AVideo has a path traversal in pluginRunDatabaseScript.json.php that enables arbitrary SQL file execution via an unsanitized plugin name...

CVSS 7.2 · AI score 5.9 · EPSS 0.00493
Exploits 1 · References 4

AlpineLinux
added 2026/03/25 6:12 p.m. · 10 views

CVE-2026-1001

Domoticz versions prior to 2026.1 contain a stored cross-site scripting vulnerability in the Add Hardware and rename device functionality of the web interface that allows authenticated administrators to execute arbitrary scripts by supplying crafted names containing script or HTML markup. Attacke...

CVSS 4.8 · AI score 6.3 · EPSS 0.00211
Exploits 0 · References 2
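The CVE-2026-2424 and CVE-2026-1001 entries above are the same stored XSS shape: an admin-entered name or setting is saved and later written into HTML without output escaping. The following added example (not plugin or Domoticz code) shows a vulnerable and a hardened renderer over a constructed device-table template, with a payload for the text context and one for the attribute context, plus a crude detector for what the unsafe renderer lets through.

```python
"""Added example (not Domoticz or WordPress plugin code): stored XSS through an
admin-supplied name rendered into HTML. Template and payloads are constructed."""
import html
import re

# Constructed attacker inputs: one aimed at text content, one at an attribute.
SCRIPT_NAME = "<script>alert(document.cookie)</script>"
ATTR_NAME = '" onfocus="alert(1)" autofocus="'


def render_row_unsafe(device_name: str) -> str:
    """Vulnerable: the stored value lands in text and attribute contexts verbatim."""
    return (f"<tr><td>{device_name}</td>"
            f'<td><input name="rename" value="{device_name}"></td></tr>')


def render_row_safe(device_name: str) -> str:
    """Hardened: escape at output time for the HTML context; quote=True turns
    the double quote into &quot; so the value cannot close the attribute."""
    safe = html.escape(device_name, quote=True)
    return (f"<tr><td>{safe}</td>"
            f'<td><input name="rename" value="{safe}"></td></tr>')


# The template itself only ever emits tr/td/input and the 'name'/'value'
# attributes, so any of these in the output came from the stored value.
TAG_RE = re.compile(r"<(script|img|svg|iframe)\b", re.I)
EVENT_ATTR_RE = re.compile(r'\son[a-z]+\s*=\s*"', re.I)


def has_injected_markup(rendered: str) -> bool:
    """Crude detector for this template: a new tag or an event-handler attribute."""
    return bool(TAG_RE.search(rendered) or EVENT_ATTR_RE.search(rendered))


def demo() -> dict:
    return {
        "unsafe_script": has_injected_markup(render_row_unsafe(SCRIPT_NAME)),
        "unsafe_attr": has_injected_markup(render_row_unsafe(ATTR_NAME)),
        "safe_script": has_injected_markup(render_row_safe(SCRIPT_NAME)),
        "safe_attr": has_injected_markup(render_row_safe(ATTR_NAME)),
    }


if __name__ == "__main__":
    print(render_row_unsafe(ATTR_NAME))
    print(render_row_safe(ATTR_NAME))
    print(demo())
```

Escaping belongs at the output step, not at save time: the same stored name may later be emitted into a JavaScript string, a URL or a JSON response, each needing a different encoder, and a sanitiser that ran on input cannot know which. A Content-Security-Policy without 'unsafe-inline' is the defence-in-depth that limits what a missed spot can do.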

Positive Technologies
added 2026/03/25 12:00 a.m. · 8 views

PT-2026-27795

Name of the vulnerable software and affected versions: Cisco IOS XE Software (affected versions not specified). Description: A flaw exists in the web-based management interface of the Cisco IOx application hosting environment. This issue could allow a remote attacker with valid administrative...

CVSS 4.8 · AI score 6.1 · EPSS 0.00194
Exploits 0 · References 6

Cvelist
added 2026/03/23 6:39 p.m. · 24 views

CVE-2026-33681: AVideo has path traversal in pluginRunDatabaseScript.json.php enabling arbitrary SQL file execution via unsanitized plugin name

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...

CVSS 7.2 · EPSS 0.00493
Exploits 1 · References 2

Vulnrichment
added 2026/03/23 6:39 p.m. · 2 views

CVE-2026-33681: AVideo has path traversal in pluginRunDatabaseScript.json.php enabling arbitrary SQL file execution via unsanitized plugin name

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...

CVSS 7.2 · AI score 6 · EPSS 0.00493
Exploits 1 · References 2

OSV
added 2026/03/23 6:39 p.m. · 2 views

CVE-2026-33681: AVideo has path traversal in pluginRunDatabaseScript.json.php enabling arbitrary SQL file execution via unsanitized plugin name

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...

CVSS 7.2 · AI score 6 · EPSS 0.00493
Exploits 1 · References 4
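The baserCMS theme-file entries earlier in this listing (CVE-2026-30940) and the AVideo entries above (CVE-2026-33681) are both path traversal, in two shapes: an admin-supplied relative path that must stay under a base directory, and a plugin name that is turned into a filename. The following added example (not baserCMS or AVideo code) shows a containment check for the first and a name allowlist on top of that check for the second. The theme directory layout, the install/install.sql filename pattern and the payloads are constructed assumptions for the illustration.

```python
"""Added example (not baserCMS or AVideo code): containing a user-supplied path
under a base directory, and allowlisting a plugin name before it becomes a
filename. Directory layout and filename pattern are constructed."""
import os
import re
import tempfile

# Plugin names are identifiers, never paths: allowlist the alphabet outright.
PLUGIN_NAME_RE = re.compile(r"^[A-Za-z0-9_]{1,64}$")


def safe_join(base_dir: str, user_path: str) -> str:
    """Resolve user_path under base_dir and refuse anything that escapes it.
    realpath() collapses '..' and follows symlinks, so a link inside base_dir
    that points outside is caught too; the target itself need not exist yet."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"path escapes {base_dir!r}: {user_path!r}")
    return target


def is_contained(base_dir: str, user_path: str) -> bool:
    try:
        safe_join(base_dir, user_path)
        return True
    except ValueError:
        return False


def plugin_sql_path(plugins_dir: str, plugin_name: str) -> str:
    """Name-to-file lookup: validate the name itself, then still contain the result.
    The <plugin>/install/install.sql layout is an assumption for the example."""
    if not PLUGIN_NAME_RE.fullmatch(plugin_name):
        raise ValueError(f"invalid plugin name: {plugin_name!r}")
    return safe_join(plugins_dir, os.path.join(plugin_name, "install", "install.sql"))


def demo() -> dict:
    """Exercise the containment check on a constructed theme tree that includes
    a symlink pointing above the base directory."""
    with tempfile.TemporaryDirectory() as root:
        themes = os.path.join(root, "themes")
        os.makedirs(os.path.join(themes, "Default"))
        os.symlink(root, os.path.join(themes, "escape"))
        payloads = {
            "dotdot": "../../webroot/shell.php",
            "absolute": "/etc/passwd",
            "nested_dotdot": "Default/../../shell.php",
            "symlink_out": "escape/shell.php",
        }
        results = {label: is_contained(themes, p) for label, p in payloads.items()}
        ok = safe_join(themes, "Default/layout/default.php")
        results["ok"] = os.path.relpath(ok, os.path.realpath(themes))
        return results


if __name__ == "__main__":
    print(demo())
    print(plugin_sql_path("/srv/avideo/plugin", "MyPlugin"))
```

Checking for the literal substring "../" is not equivalent: it misses absolute paths, symlinks already present under the base, and encodings the framework decodes before the check runs. Comparing canonical paths after realpath() handles all three, and for the plugin-name case the allowlist means a separator never gets as far as the filesystem.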

Positive Technologies
added 2026/03/23 12:00 a.m. · 5 views

PT-2026-27164

Name of the vulnerable software and affected versions: TP-Link Archer NX200, TP-Link Archer NX210, TP-Link Archer NX500, TP-Link Archer NX600. Description: A flaw exists in how input is handled within an administrative command-line interface (CLI) used for modem management. This allows a specially crafte...

CVSS 8.5 · AI score 6.1 · EPSS 0.00619
Exploits 0 · References 7

CNNVD
added 2026/03/23 12:00 a.m. · 5 views

Security vulnerability in multiple TP-Link products

TP-LINK Archer is a series of routers produced by TP-LINK Corporation. Several TP-Link products have security vulnerabilities. These vulnerabilities stem from improper handling of wireless control management CLI commands. This could allow authenticated attackers with administrative privileges to...

CVSS 8.5 · AI score 7.7 · EPSS 0.00619
Exploits 0 · References 5