PT-2026-28310

Name of the Vulnerable Software and Affected Versions Conditional Menus for WordPress versions prior to 1.2.7 Description The Conditional Menus plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF in all versions up to and including 1.2.6. The issue stems from the absence of non...

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.3 contained security...

PT-2026-28534

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description The AVideo platform’s AI plugin contains a flaw in the save.json.php endpoint. This endpoint loads AI response objects using the $ REQUEST'id' parameter, which is controlled by the attacker,...

CVE-2026-33917 OpenEMR has SQL Injection in CAMOS Form

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajaxsave CAMOS form that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input...

CVE-2026-32120 OpenEMR has IDOR in Fee Sheet Product Save

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an Insecure Direct Object Reference IDOR vulnerability in the fee sheet product save logic library/FeeSheet.class.php allows any authenticated user with fee sheet ACL...

EUVD-2026-14508

AVideo is Vulnerable to SQL Injection through Subscribe Endpoint via Unsanitized userid Parameter...

SQL Injection

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to SQL Injection via the save function. An attacker can extract sensitive information from the database and insert arbitrary data by submitting crafted input to the...

EUVD-2026-14482

AVideo Vulnerable to Remote Code Execution via MIME/Extension Mismatch in ImageGallery File Upload...

SUSE CVE-2026-31817

OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...

PT-2026-28146

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax save CAMOS form that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input...

CVE-2026-33330

FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save...

CVE-2026-33330

The CVE-2026-33330 issue affects FileRise (self-hosted web file manager / WebDAV) through the ONLYOFFICE integration. A broken access control flaw allows an authenticated user with read-only privileges to obtain a signed save callback URL for a file and directly forge the ONLYOFFICE save callback...

CVE-2026-33330 FileRise ONLYOFFICE integration allows read-only users to overwrite files via forged save callback

FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save...

EUVD-2026-14994

FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save...

CVE-2026-33330 FileRise ONLYOFFICE integration allows read-only users to overwrite files via forged save callback

FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save...

CVE-2026-33330 FileRise ONLYOFFICE integration allows read-only users to overwrite files via forged save callback

FileRise is a self-hosted web file manager / WebDAV server. Prior to version 3.10.0, a broken access control issue in FileRise's ONLYOFFICE integration allows an authenticated user with read-only access to obtain a signed save callbackUrl for a file and then directly forge the ONLYOFFICE save...

CVE-2026-33162

Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...

EUVD-2026-14945

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, the SSRF fix applied in version 4.6.2 for CVE-2026-30839 and CVE-2026-30840 is incomplete. The validatewebhookurlforssrf protection was added to the test notification endpoints but not to the...

CVE-2026-33399 Wallos: SSRF Bypass - Incomplete Fix for CVE-2026-30839/30840

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, the SSRF fix applied in version 4.6.2 for CVE-2026-30839 and CVE-2026-30840 is incomplete. The validatewebhookurlforssrf protection was added to the test notification endpoints but not to the...

EUVD-2026-14944

Craft CMS is a content management system CMS. From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:sectionUid permission for either...