6629 matches found
Contact Form Generator <= 2.5.5 - Cross-Site Scripting
The Contact Form Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'id' parameter in wp-admin/admin.php in versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2026-15703
CVE-2026-15703 affects SourceCodester Simple and Nice Shopping Cart Script 1.0. The vulnerability exists in /admin/userproductdeletequery.php where manipulating the user_id parameter enables SQL injection. It can be exploited remotely and the exploit is publicly available. CVSS metrics indicate h...
CVE-2026-15703 SourceCodester Simple and Nice Shopping Cart Script userproductdeletequery.php sql injection
A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This vulnerability affects unknown code of the file /admin/userproductdeletequery.php. Performing a manipulation of the argument userid results in sql injection. It is possible to initiate the attack remotely...
EUVD-2026-43623
A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...
CVE-2026-15597
CVE-2026-15597 affects SourceCodester Class and Exam Timetabling System (1.0/2.php). The vulnerability is an SQL injection in the /edit_exam2.php script triggered by manipulating the ID parameter, enabling remote attackers to potentially impact confidentiality, integrity, and availability. Techni...
CVE-2026-61462
mcp-gitlab contains a path traversal vulnerability in the jobid parameter of build/index.js that allows attackers to redirect GitLab API requests to arbitrary endpoints. Attackers can supply crafted jobid values like ../../../user to escape the intended path prefix and access arbitrary GitLab API...
CVE-2026-61462 mcp-gitlab Path Traversal via job_id Parameter
mcp-gitlab contains a path traversal vulnerability in the jobid parameter of build/index.js that allows attackers to redirect GitLab API requests to arbitrary endpoints. Attackers can supply crafted jobid values like ../../../user to escape the intended path prefix and access arbitrary GitLab API...
CVE-2026-61462
mcp-gitlab contains a path traversal vulnerability in the jobid parameter of build/index.js that allows attackers to redirect GitLab API requests to arbitrary endpoints. Attackers can supply crafted jobid values like ../../../user to escape the intended path prefix and access arbitrary GitLab API...
CVE-2026-61462
CVE-2026-61462 affects mcp-gitlab. A path traversal weakness exists in the build/index.js job_id parameter, allowing an attacker to escape the intended path prefix (e.g., using ../../../user) and redirect GitLab API requests to arbitrary endpoints. This can enable access to arbitrary GitLab API r...
PT-2026-57808
Name of the Vulnerable Software and Affected Versions CodeAstro Simple Online Leave Management System version 1.0 Description Remote SQL injection is possible due to improper handling of the ID variable in the '/SimpleOnlineLeave/admin/deletemp.php' endpoint. SQL injection is a technique where an...
PT-2026-57839
Name of the Vulnerable Software and Affected Versions mcp-gitlab versions prior to 2.1.18 Description A path traversal issue exists in the job id parameter within the build/index.js file. This allows attackers to escape the intended path prefix by providing crafted values, such as ../../../user, ...
CVE-2025-5017
The Catalyst Connect Zoho CRM Client Portal plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uid’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2026-14475
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
CVE-2026-14475
The CVE-2026-14475 entry relates to the WordPress plugin “WPLP Cookie Consent” (GDPR/CCPA banner) with a SQL Injection vulnerability via the scan_id parameter in all versions up to 4.3.6. The root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the exis...
CVE-2026-14475
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
CVE-2026-14475 Cookie Banner for GDPR / CCPA <= 4.3.6 - Authenticated (Administrator+) SQL Injection via 'scan_id' Parameter
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
CVE-2026-5069
The Fluent Forms plugin for WordPress is vulnerable to incorrect authorization via the 'subscriptionid' parameter in versions up to, and including, 6.2.1. This is due to insufficient ownership authorization checks in the payment cancellation AJAX flow. This makes it possible for authenticated...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of the id parameter in the Bazar widget handler. An attacker can execute arbitrary JavaScript in the victim's browser by crafting a malicious URL that injects attacker-controlled attributes...
CVE-2026-59224
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/openwebui/routers/terminals.py built the wsterminal upstream URL from an unencoded sessionid and appended userid as a query parameter, allowing query injection to make the terminal backe...
PT-2026-57034
Name of the Vulnerable Software and Affected Versions YesWiki version 4.6.5 Description An issue exists in the Bazar widget handler where the id GET parameter is reflected into HTML attributes using only the strip tags function. Since strip tags does not escape double quotes, an unauthenticated...