PT-2026-45726
Name of the Vulnerable Software and Affected Versions: Tiled Gallery Carousel Without JetPack versions prior to 3.2. Description: The plugin is subject to stored cross-site scripting due to insufficient input sanitization and output escaping. Authenticated attackers with contributor level access or...
WordPress Tiled Gallery Carousel Without JetPack plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Tiled Gallery Carousel Without JetPack versions <= 3.1...
Exploit for CVE-2026-36227
CVE-2026-36227: Easy Chat Server 3.1 UserName Path Traversal P...
EUVD-2026-31473
Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...
CVE-2026-9157
The CVE-2026-9157 entry documents a vulnerability in Gmission Web Fax affecting Web Fax versions 3.0 before 3.1. It is caused by improper input validation and unrestricted upload of a file with a dangerous type, enabling Remote Code Inclusion. According to CVSS 3.1, the impact is High (C/H, I/H, ...
LizardSystems Terminal Services Manager Access Control Error Vulnerability
LizardSystems Terminal Services Manager is a terminal service management software developed by LizardSystems Corporation. Version 3.1 of LizardSystems Terminal Services Manager contains an access control vulnerability. This vulnerability stems from a stack-based buffer overflow in the computer na...
CVE-2026-39386
Neko is a self-hosted virtual browser that runs in Docker and uses WebRTC. In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1, any authenticated user can immediately obtain full administrative control of the entire Neko instance member management, room settings, broadcast control, session...
EUVD-2025-209427
In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered within the profile picture upload functionality on the /my-profile.php page...
CVE-2025-51414
Phpgurukul Online Course Registration v3.1 is affected by an arbitrary file upload vulnerability in the profile picture upload at /my-profile.php. The CVE details indicate a high-severity issue (CVSS 3.1: 8.8) with network access and low attacker/authentication requirements, enabling total impact...
Echo Mirage Buffer Error Vulnerability
Echo Mirage is a software tool developed by abhi1299, used for audio signal processing and echo effect simulation. Version 3.1 of Echo Mirage contains a buffer error vulnerability, which stems from insufficient input validation of the Rules operation field. This vulnerability may lead to a stack...
Apache DolphinScheduler vulnerable to sensitive information disclosure
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including database credentials. This issue affects Apache DolphinScheduler versions 3.1.. Users are...
CVE-2025-62188
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including database credentials. This issue affects Apache DolphinScheduler versions 3.1.. Users are...
Apache DolphinScheduler Security Vulnerability
Apache DolphinScheduler is a modern data orchestration platform developed by the Apache Foundation in the United States. Version 3.1.x of Apache DolphinScheduler contains a security vulnerability that exposes sensitive information, potentially allowing unauthorized access...
CVE-2026-39632
The CVE-2026-39632 entry concerns the WordPress ThemeGoods Grand Blog (grandblog) theme, affected versions up to 3.1. The vulnerability is a Cross-Site Request Forgery (CSRF) in Grand Blog that allows unauthorized actions initiated by forged requests. The connected Red Hat and EU/NVD records conf...
CVE-2026-39632 WordPress Grand Blog theme <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Cross Site Request Forgery. This issue affects Grand Blog: from n/a through <= 3.1...
PT-2026-31197
CVE-2026-39632 Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Cross Site Request Forgery. This issue affects Grand Blog: from n/a through … https://t.co/OW3wZzxUFW...
PHPGurukul Online Course Registration SQL Injection Vulnerability
PHPGurukul Online Course Registration is an online course registration system provided by PHPGurukul Corporation. Version 3.1 of PHPGurukul Online Course Registration contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ‘cid’ in the file...
PT-2026-31552
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Course Registration version 3.1. Description: A security issue exists in PHPGurukul Online Course Registration 3.1 related to the processing of the /admin/check availability.php file. Manipulation of the regno argument can lead...
CVE-2026-5638
The CVE-2026-5638 affects HerikLyma CPPWebFramework up to 3.1. The issue enables path traversal via manipulated input in an unknown processing step, with remote exploitation possible and a public exploit. The project was informed but has not responded. No remediation details are provided in the c...
EChat Server Buffer Error Vulnerability
EChat Server is a server-side chat system developed by EChat Server Company, which supports instant messaging and message forwarding. Version 3.1 of EChat Server contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the chat.ghp endpoint, which may allow remote...