PT-2026-46908

Name of the Vulnerable Software and Affected Versions Widget Factory Joomla Content Editor JCE versions 1.0.0 through 2.9.99.4 Description Improper access control in the JCE editor extension for Joomla allows unauthenticated users to create new editor profiles. This flaw enables the upload and...

Exploit for CVE-2025-8723

⚡️ Cloudflare Image Resizing Description: The plugin'...

CVE-2025-1782

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated...

vBulletin Remote Code Execution Vulnerability

vBulletin is a business forum program developed and marketed by Internet Brands and vBulletin Solutions. A remote code execution vulnerability exists in vBulletin, which can be exploited by an attacker to inject and execute arbitrary PHP code...

baigoStudio baigoSSO Code Injection Vulnerability

baigoStudio baigoSSO is a single sign-on system. A security vulnerability exists in baigoStudio baigoSSO v3.0.1. The vulnerability can be exploited by a remote attacker to execute arbitrary PHP code via the site name field in the base configuration...

UBUNTU-CVE-2015-5660

Cross-site request forgery CSRF vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code...