Lucene search
K

243 matches found

Nuclei
Nuclei
added 2 hours ago9 views

Everest Forms Pro <= 1.9.12 - Unauthenticated RCE via Calculation Formula Injection

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's processfilter function concatenating user-submitted form field values into a PHP code string without proper...

9.8CVSS6.5AI score0.40992EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added last week9 views

CVE-2026-55413

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, any authenticated user with builder role free tier can overwrite a globally-shared marketplace plugin with arbitrary JavaScript that executes...

9.4CVSS6.1AI score0.00256EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 12:33 p.m.6 views

CVE-2026-12242

The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...

8.8CVSS6.2AI score0.00467EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52094

🚨 CVE-2026-45689 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single...

9.1CVSS6AI score0.00308EPSS
Exploits0References4
CVE
CVE
added 2026/06/23 4:14 p.m.17 views

CVE-2026-44959

CVE-2026-44959 affects Revive Adserver up to version 6.0.6. The issue is a missing validation of user input when saving delivery limitations, allowing a low-privileged user to add an unexpected component parameter and inject malicious PHP into the compiledlimitations field, which could be execute...

8.8CVSS6.6AI score0.0045EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:14 p.m.16 views

CVE-2026-34916

CVE-2026-34916 affects Revive Adserver 6.0.6 and earlier. A missing validation of user input when saving delivery limitations could allow a low‑privileged user to use the logical parameter to inject PHP code into the compiledlimitations field, which could be executed during banner delivery. The a...

8.8CVSS6.6AI score0.00499EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/20 11:57 a.m.30 views

CVE-2026-48908 Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2

A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code...

10CVSS0.00734EPSS
Exploits3References1
NVD
NVD
added 2026/06/12 9:16 p.m.11 views

CVE-2026-54362

An incorrect visibility condition in the MISP event template builder allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. The custom access-control condition intended to restrict galaxies to those owned by the user’s organisation or...

5.3CVSS0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.7 views

CVE-2026-33618

Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray method uses PHP's eval to parse platform settings from the database. An attacker with admin access obtainable via Advisory 1 can inject arbitrary PHP code into the settings,...

8.8CVSS5.7AI score0.00319EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 7:31 a.m.14 views

EUVD-2026-34789

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.80425EPSS
Exploits17References1
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.11 views

CVE-2026-42879

FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF image using...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/30 2:55 p.m.12 views

CVE-2018-25409 SIM-PKH 2.4.1 Arbitrary File Upload via aksi_pengurus.php

SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by submitting PHP code through the fupload parameter. Attackers can upload PHP files via the aksipengurus.php endpoint with module=pengurus and act=update parameters, which...

8.8CVSS6AI score0.00325EPSS
Exploits0References4
CVE
CVE
added 2026/05/29 10:19 a.m.19 views

CVE-2026-9559

CVE-2026-9559 describes a path traversal vulnerability in Mautic 7 within the campaign import feature. During ZIP extraction in campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories, enabling an authenticated user with campaign import priv...

9.9CVSS6AI score0.00583EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Emlog Pro 安全漏洞

Emlog Pro is an open-source blog system developed by Emlog. Version 2.6.9 of Emlog Pro contains a security vulnerability, which stems from a path traversal vulnerability in the template upload function. This vulnerability allows authenticated administrators to execute arbitrary PHP code. By...

7.2CVSS6.1AI score0.00782EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/27 6:29 p.m.12 views

EUVD-2026-32626

FacturaScripts is an open source accounting and invoicing software. In 2025.81 and earlier, an authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF image using...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 12:5 a.m.5 views

GHSA-524G-X36V-9WM6 Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`

Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...

9.1CVSS6.1AI score0.00473EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.6 views

WordPress plugin Query Shortcode 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.5CVSS5.9AI score0.00495EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/26 4:38 p.m.38 views

CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

7.5CVSS0.00303EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 4:50 p.m.9 views

CVE-2026-33712

Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the preview chat endpoint POST /api/v1/typebots/typebotId/preview/startChat allows unauthenticated users to achieve Server-Side Request Forgery SSRF by supplying a custom typebot definition with server-side code blocks. The fetch...

10CVSS5.8AI score0.00347EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42604

Description Compiler::string escapes ", $, , NUL and TAB when generating PHP double-quoted string literals, but does not escape single quotes. In ModuleNode::compileConstructor, the template name from a % use % tag is compiled via subcompile - string and placed inside a surrounding PHP...

9.3CVSS6.2AI score0.00357EPSS
Exploits0References5
Rows per page
Query Builder