CVE-2025-70791

Cross Site Scripting vulnerability in the "/admin/order/abandoned" endpoint of Microweber 2.0.19. An attacker can manipulate the "orderDirection" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The iss...

CVE-2025-70792

Cross Site Scripting vulnerability in the "/admin/category/create" endpoint of Microweber 2.0.19. An attacker can manipulate the "relid" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was...

EUVD-2026-5489

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the vulnerability as well...

Maian Media Maian Support 跨站请求伪造漏洞

Maian Media Maian Support is a ticket support system provided by Maian Media Limited in the UK. Version 4.3 of Maian Media Maian Support contains a cross-site request forgeing vulnerability. This vulnerability stems from cross-site request forgeing techniques, allowing attackers to create malicio...

Cross-site Scripting (XSS)

Overview craftcms/commerce is a Craft Commerce Affected versions of this package are vulnerable to Cross-site Scripting XSS via the value.name field in the dashboard widget. An attacker can execute arbitrary JavaScript in the context of an admin user's browser by injecting malicious scripts into...

CVE-2020-37046

Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...

PT-2026-5485

Name of the Vulnerable Software and Affected Versions Sistem Informasi Pengumuman Kelulusan Online version 1.0 Description The application contains a cross-site request forgery condition that permits attackers to add unauthorized admin users. This is achieved by exploiting the tambahuser.php...

FreePBX Custom Extension SQL Injection

FreePBX versions prior to 16.0.44,16.0.92 and 17.0.23,17.0.6 are vulnerable to multiple CVEs, specifically CVE-2025-66039 and CVE-2025-61675, in the context of this module. The versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0.6 are...

CVE-2026-24347

Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory...

CVE-2026-24344

Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution...

CVE-2026-24348

Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users...

CVE-2026-24347

CVE-2026-24347 : The Red Hat/NVD/NVD enrichment entries describe an improper input validation in the Admin UI of EZCast Pro II (version 1.17478.146) that allows an attacker to manipulate files in the /tmp directory. This is tied to the EZCast Pro II dongle/application and is actionable via the Ad...

CVE-2026-24346 Use of well-known default credentials in EZCast Pro II Dongle

Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application...

EUVD-2026-4823

Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application...

CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

phpMyFAQ: /api/setup/backup accessible to any authenticated user (authz missing)

Summary Authenticated non‑admin users can call /api/setup/backup and trigger a configuration backup. The endpoint only checks authentication, not authorization, and returns a link to the generated ZIP. Details SetupController.php uses userIsAuthenticated but does not verify that the requester has...

GHSA-7P9H-M7M8-VHHV phpMyFAQ: Attachment download allowed without dlattachment right (broken access control)

Summary A logged‑in user without the dlattachment right can download FAQ attachments. This is due to a permissive permission check in attachment.php that treats the mere presence of a right key as authorization and a flawed group/user logic expression. Details In attachment.php, the access decisi...

phpMyFAQ: Attachment download allowed without dlattachment right (broken access control)

Summary A logged‑in user without the dlattachment right can download FAQ attachments. This is due to a permissive permission check in attachment.php that treats the mere presence of a right key as authorization and a flawed group/user logic expression. Details In attachment.php, the access decisi...

CVE-2022-25369

An issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user without authentication. This flaw exists due to a logic issue when determining if the setup phases of the product can be run again. Once an attacker is authenticated as the new admin user they have...

CVE-2026-0920

CVE-2026-0920 affects the WordPress plugin “LA-Studio Element Kit for Elementor” (≤ 1.5.6.3). The root cause is a missing role restriction in the AJAX registration handler (ajax_register_handle), which lets unauthenticated users supply the lakit_bkrole parameter and create an administrator accoun...