42 matches found
CVE-2026-42744 WordPress Ads by WPQuads plugin <= 3.0.2 - Bypass Vulnerability vulnerability
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...
CVE-2026-42744
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Manipulating Hidden Fields.This issue affects Ads by WPQuads: from n/a through = 3.0.2...
CVE-2026-42744
The CVE-2026-42744 entry concerns the WordPress Ads by WPQuads plugin (quick-adsense-reloaded) version
EUVD-2026-26282
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument studentid/fullname/section/username results ...
CVE-2026-4514
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
EUVD-2026-14248
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-4514
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-4514 PbootCMS Backend UserController.php access control
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-4514
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2026-4514 PbootCMS Backend UserController.php access control
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a manipulation of the argument Field can lead to improper access controls. The attack may be perform...
CVE-2025-14221
A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...
CVE-2025-14005
A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is an unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0 of the component Add Display Name Field. Executing a manipulation of the argument dataname can lead t...
EUVD-2025-36134
A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-11946
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-11912
A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...
CVE-2025-11485
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function adduser of the file /admin.php of the component Manage Users Page. This manipulation of the argument firstname/lastname causes cross site scripting. The attack can be initiated remotely...
EUVD-2024-50613
Malicious code in bioql PyPI...
EUVD-2025-26174
Malicious code in bioql PyPI...
EUVD-2024-3106
Malicious code in bioql PyPI...
itsourcecode Online Public Access Catalog OPAC SQL注入漏洞
itsourcecode Online Public Access Catalog OPAC is an online public access catalog of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Public Access Catalog OPAC, which stems from incorrect manipulation of the parameters searchfield and searchtex...