CVE-2026-26378

Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features...

CVE-2026-26378

CVE-2026-26378 is a Cross Site Scripting vulnerability in Koha 25.11 and earlier. The issue arises via the file upload function in the Invoice features, enabling a remote attacker to execute arbitrary code. The connected documents provide the same description; no further technical details, affect...

CVE-2026-26378

Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features...

KWHotel 安全漏洞

KWHotel is a hotel software for desktop, web and mobile devices from KWHotel, Inc. A security vulnerability exists in KWHotel version 0.47, which stems from a CSV formula injection in the Add Invoice feature...

PT-2024-17810 · WordPress · Sunshine Photo Cart

Name of the Vulnerable Software and Affected Versions: The Sunshine Photo Cart: Free Client Galleries for Photographers plugin for WordPress versions up to, and including, 3.0.24 Description: The issue allows unauthenticated attackers to extract sensitive data, including customer email and physic...