EUVD-2026-34772

A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available...

EUVD-2026-34543

A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The manipulation of the argument socialtwitter results in sql injection. The attack may be launched remotely. The exploit has been...

EUVD-2026-34542

A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument socialinsta leads to sql injection. The attack may be initiated remotely. The exploit is publicly...

CVE-2026-10877

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed...

PT-2026-47026

Name of the Vulnerable Software and Affected Versions Hippoo Mobile App for WooCommerce versions prior to 1.9.5 Description An authentication bypass exists that allows for administrator account takeover. The issue stems from a logic conflation in the get user permissions function within...

PT-2026-46977

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2026-36500

The CVE-2026-36500 vulnerability affects the cluster-admin:backup-datastore component of Controller v12.0.5, where a crafted request can trigger a directory traversal. This is described across multiple sources (NVD/CVE listings, AttackersKB, CVE list, EUVD) as a vulnerability in that component, w...

SourceCodester Ship Ferry Ticket Reservation System 代码注入漏洞

The SourceCodester Ship Ferry Ticket Reservation System is an open-source booking system for ship tickets developed by SourceCodester. Version 1.0 of the SourceCodester Ship Ferry Ticket Reservation System has a code injection vulnerability. This vulnerability stems from improper handling of the...

Arista Networks EOS Security Update (SA0140)

The version of Arista Networks EOS running on the remote device is affected by a vulnerability as referenced in security advisory SA0140. - A user with local eos-admin privileges on affected Arista EOS Extensible Operating System platforms where secure boot is enabled can bypass Secure Boot...

CollegeManagementSystem 授权问题漏洞

CollegeManagementSystem is a comprehensive management system for college students and academic administration, developed by Tittu Varghese. There are authorization issues in CollegeManagementSystem; these vulnerabilities stem from improper handling of the UserAuthData parameter in the...

PT-2026-47090

Impact Three related defects on admin Livewire components allowed data tampering, sensitive data disclosure, and stored XSS: - IDOR via unlocked properties. Several Livewire components in the admin panel exposed Eloquent model identifiers as public properties without the Locked attribute. An...

PT-2026-47049

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description An administrative cross-site scripting XSS issue exists in the web user interface dashboard layout. Unvalidated user-supplied...

EUVD-2026-34866

An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to execute a directory traversal via a crafted request...

PT-2026-47041

Name of the Vulnerable Software and Affected Versions HAX CMS versions prior to 26.0.0 Description An improper session termination issue exists where authentication tokens remain valid after a user logs out. This allows an attacker who possesses a valid token to maintain persistent access to...

PT-2026-47059

We just found and disclosed CVE-2026-10753 in Google's Site Kit, the official Google plugin running on 5M+ WordPress sites. Our team caught a broken access control flaw that slipped past everyone else. One REST API write endpoint checked for view level access when it should have required admin...

PT-2026-47068

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.3 Description The plugin is susceptible to time-based blind SQL Injection, a technique where an attacker asks the database true/false questions and determines the...

PT-2026-47065

Name of the Vulnerable Software and Affected Versions Admin Columns versions prior to 7.0.19 Description The plugin is subject to PHP Object Injection, which can lead to Remote Code Execution. This occurs because the get ids from string function in the IdsToCollection class uses unserialize witho...

PT-2026-47033

Name of the Vulnerable Software and Affected Versions WP Captcha PRO versions prior to 5.39 Description An authentication bypass exists due to the ajax run tool AJAX handler relying only on a nonce check via check ajax referer without performing capability checks. This is combined with the create...

WordPress plugin Admin Columns 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

SourceCodester Ship Ferry Ticket Reservation System 授权问题漏洞

The SourceCodester Ship Ferry Ticket Reservation System is an open-source booking system developed by SourceCodester. Version 1.0 of the SourceCodester Ship Ferry Ticket Reservation System has a vulnerability related to authorization issues. This vulnerability arises from improper handling of the...