CVE-2026-8809

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the aftervalidatesavepost function unconditionally trusting the attacker-controlled acfpostid POST...

CVE-2024-33306

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting XSS via "First Name" parameter in Create User...

SQL Injection

Overview centreon/centreon is a network, system, applicative supervision and monitoring tool. Affected versions of this package are vulnerable to SQL Injection via the create user form inputs. Remediation Upgrade centreon/centreon to version 22.10.24, 23.4.21, 23.10.16, 24.4.6 or higher. Referenc...

PT-2024-6878 · Centreon · Centreon

Name of the Vulnerable Software and Affected Versions: Centreon version 24.04.2 Description: A SQL injection vulnerability allows a remote high-privileged attacker to execute arbitrary SQL commands via create user form inputs. This issue is related to the lack of protection of the SQL query...