Lucene search
K

2876 matches found

Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.11 views

CVE-2022-50960 WordPress International Sms Contact Form 7 Integration 1.2 XSS

WordPress International SMS for Contact Form 7 Integration version 1.2 contains a reflected cross-site scripting vulnerability in the page parameter of the admin settings interface. Attackers can inject malicious scripts through the page parameter in class-sms-log-display.php to execute arbitrary...

6.1CVSS5.9AI score0.00187EPSS
Exploits0References3
CVE
CVE
added 2026/05/10 12:12 p.m.17 views

CVE-2022-50960

The vulnerability is in WordPress International Sms For Contact Form 7 Integration v1.2, which contains a reflected XSS in the page parameter of the admin settings interface. The issue is triggered via class-sms-log-display.php, allowing an attacker to inject malicious JavaScript that runs in adm...

6.1CVSS5.9AI score0.00187EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.14 views

WordPress plugin International Sms For Contact Form 7 Integration 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.7AI score0.00187EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/05 8:30 p.m.21 views

Race Condition

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Race Condition due to a race condition in the login process. An attacker can obtain multiple valid session tokens by...

2.2CVSS5.8AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 8:30 p.m.3 views

GHSA-JPQ4-7FMQ-Q5FJ parse-server: MFA SMS one-time password accepted twice under concurrent login

Impact A race condition in the MFA SMS one-time password OTP login path allows two concurrent /login requests carrying the same OTP to both succeed and both receive valid session tokens, breaking the single-use property of the OTP. The vulnerability requires the attacker to already possess the...

2.1CVSS5.7AI score0.00236EPSS
Exploits0References5
HackRead
HackRead
added 2026/04/25 11:10 a.m.9 views

Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts

Research from Infoblox reveals a massive Click2SMS fraud scheme using fake CAPTCHAs and back button hijacking to trick victims into sending costly international texts...

5.3AI score
Exploits0
Patchstack
Patchstack
added 2026/04/23 2:7 p.m.5 views

WordPress WP SMS plugin <= 7.2.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin WP SMS versions = 7.2.1...

5.2AI score0.00326EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.4 views

CVE-2026-6488

A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/04/17 2:16 p.m.6 views

CVE-2026-6490

A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated...

7.5CVSS0.00325EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/17 1:15 p.m.3 views

CVE-2026-6490 QueryMine sms GET Request Parameter deletecourse.php sql injection

A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated...

7.5CVSS6.8AI score0.00325EPSS
Exploits0References4
CVE
CVE
added 2026/04/17 1:15 p.m.19 views

CVE-2026-6490

CVE-2026-6490 affects QueryMine sms (admin/deletecourse.php) where manipulation of the argument ID in the GET Request Parameter Handler leads to SQL injection. The vulnerability can be triggered remotely and the exploit is publicly available. The affected software is described as using a rolling ...

7.5CVSS6.8AI score0.00325EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/17 1:15 p.m.37 views

CVE-2026-6490 QueryMine sms GET Request Parameter deletecourse.php sql injection

A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated...

7.5CVSS0.00325EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/17 1:0 p.m.3 views

CVE-2026-6489 QueryMine sms Background Management addteacher.php unrestricted upload

A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...

6.5CVSS6.1AI score0.00257EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/17 1:0 p.m.32 views

CVE-2026-6489 QueryMine sms Background Management addteacher.php unrestricted upload

A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...

6.5CVSS0.00257EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/17 12:45 p.m.2 views

CVE-2026-6488 QueryMine sms GET Request Parameter editcourse.php sql injection

A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References4
CVE
CVE
added 2026/04/17 12:45 p.m.10 views

CVE-2026-6488

CVE-2026-6488 affects QueryMine sms, specifically the admin/editcourse.php code path under the GET Request Parameter Handler. The root cause is SQL injection triggered by manipulating the argument ID, allowing remote exploitation. Public exploit appears to be available; the disclosure notes rolli...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.3 views

PT-2026-33449

Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description Remote SQL injection is possible via the GET Request Parameter Handler in the 'admin/editcourse.php' file. The issue occurs when the ID argument is manipulated,...

6.5CVSS6.9AI score0.00196EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.5 views

PT-2026-33453

Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description A SQL injection flaw exists in the GET Request Parameter Handler component within the 'admin/deletecourse.php' file. A remote attacker can trigger this issue by...

7.5CVSS7.2AI score0.00325EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2026/04/10 10:0 a.m.162 views

Exploit for Stack-based Buffer Overflow in Samsung Exynos_980_Firmware

CVE-2025-54328 — Samsung Exynos SMS RP-DATA Stack Buffer Overf...

10CVSS6.2AI score0.0052EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.5 views

CVE-2025-54328

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DA...

10CVSS5.9AI score0.0052EPSS
Exploits1References1
Rows per page
Query Builder