Lucene search
K

82177 matches found

Circl
Circl
added 2026/06/29 4:10 p.m.7 views

CVE-2026-55607

creationtimestamp| type| source ---|---|--- 2026-06-29 16:10:20+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgusuta6d2b...

8.8CVSS5.8AI score0.0071EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 12:29 p.m.17 views

CVE-2026-40522

FrontAccounting

7.1CVSS6AI score0.00148EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 12:16 p.m.6 views

CVE-2026-13558

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

5.1CVSS0.00328EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 10:15 a.m.6 views

EUVD-2026-40067

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

5.1CVSS4.5AI score0.00328EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 10:15 a.m.32 views

CVE-2026-13558 CodeAstro Complaint Management System Report addreport cross site scripting

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

5.1CVSS0.00328EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 10:15 a.m.10 views

CVE-2026-13558

CVE-2026-13558 concerns CodeAstro Complaint Management System 1.0. The flaw is in the Report Handler’s /report/addreport flow, where manipulating the Report Title argument enables cross-site scripting (XSS). Exploitation is possible remotely and the exploit has been publicly released. The availab...

5.1CVSS4.5AI score0.00328EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 9:16 a.m.10 views

CVE-2026-13549

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotel...

6.4CVSS0.00293EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 8:0 a.m.35 views

CVE-2026-13549 CodeAstro Complaint Management System Report Endpoint Report.php deletereport authorization

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotel...

6.4CVSS0.00293EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 8:0 a.m.6 views

EUVD-2026-40051

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotel...

6.4CVSS5.8AI score0.00293EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 7:16 a.m.8 views

CVE-2026-13544

A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes improper access controls. The attack can be initiated remotely. The exploit has been published and may be used. The project wa...

6.5CVSS0.00214EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/29 7:15 a.m.7 views

EUVD-2026-40046

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS6.7AI score0.00383EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:15 a.m.5 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS5.5AI score0.00383EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.5 views

PT-2026-53269

Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description An issue exists in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data. By injecting UNION SELECT payloads into the PARAM 0 POST paramete...

7.1CVSS6AI score0.00148EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 1:0 p.m.18 views

CVE-2026-13498

The CVE concerns yashpokharna2555 restaurant-management-system. It identifies a vulnerability in an unknown function within /forgotpassword.php (POST Parameter Handler) where manipulating the email parameter leads to SQL injection. The issue can be exploited remotely and publicly available exploi...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
OSV
OSV
added 2026/06/28 12:11 a.m.3 views

OSV-2026-987 Index-out-of-bounds in print_insn_tic6x

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=528509499 Crash type: Index-out-of-bounds Crash state: printinsntic6x disassemblesection bfdmapoversections...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53109

Name of the Vulnerable Software and Affected Versions yashpokharna2555 restaurent-management-system affected versions not specified Description An issue exists in the POST Parameter Handler component within the /forgotpassword.php file. Remote manipulation of the email parameter allows for SQL...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/27 5:33 a.m.7 views

EUVD-2026-39945

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/27 5:33 a.m.6 views

CVE-2026-12404

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References9
CVE
CVE
added 2026/06/27 5:33 a.m.21 views

CVE-2026-12404

The CVE concerns the NEX-Forms – Ultimate Forms Plugin for WordPress. All versions up to and including 9.2.2 are vulnerable to an authorization bypass due to improper verification of user permissions. This allows unauthenticated attackers to enumerate sequential report IDs and download complete f...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/27 5:33 a.m.37 views

CVE-2026-12404 NEX-Forms <= 9.2.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via CSVExport Class

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00281EPSS
Exploits0References8
Rows per page
Query Builder