EUVD-2026-22764

Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint POST /Videos/itemId/Subtitles, where the Format field is not validated, allowing path traversal via the file extension and enabling arbitrary file write. Th...

EUVD-2026-22772

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/id endpoint allows any authenticated user with ROLESTUDENT to escalate their privileges to ROLEADMIN by modifying the roles field o...

CVE-2026-40291

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/id endpoint allows any authenticated user with ROLESTUDENT to escalate their privileges to ROLEADMIN by modifying the roles field o...

CVE-2026-40291 Chamilo LMS has Privilege Escalation via API User Role Modification

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/id endpoint allows any authenticated user with ROLESTUDENT to escalate their privileges to ROLEADMIN by modifying the roles field o...

CVE-2026-40291

Chamilo LMS exposes an insecure direct object modification in PUT /api/users/{id} prior to version 2.0.0-RC.3, allowing any authenticated user with ROLE_STUDENT to escalate to ROLE_ADMIN by modifying their own roles field. The API Platform check is_granted('EDIT', object) only verifies ownership,...

CVE-2026-33714 Chamilo LMS has Authenticated SQL Injection in statistics.ajax.php users_active action (2.0 RC2)

Chamilo is an open-source learning management system LMS. Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint, which is an incomplete fix for CVE-2026-30881. While CVE-2026-30881 was patched by applying Security::removeXSS to the datestart and dateend...

CVE-2026-33714

Chamilo is an open-source learning management system LMS. Version 2.0.0-RC.2 contains a SQL Injection vulnerability in the statistics AJAX endpoint, which is an incomplete fix for CVE-2026-30881. While CVE-2026-30881 was patched by applying Security::removeXSS to the datestart and dateend...

CVE-2025-70811

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the Admin Control Panel icon management functionality...

CVE-2026-6182

A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit is...

EUVD-2026-22577

Improper neutralization of input during web page generation 'cross-site scripting' in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network...

EUVD-2026-22296

An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file...

EUVD-2026-22305

An improper authorization vulnerability in the /api/v1/users/id endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request...

EUVD-2026-22284

CWE-93 Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability exists that could cause application user credentials to reset when a Web Admin user alters the POST /setPCBEDesc request payload...

EUVD-2025-209447

In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter...

EUVD-2025-209443

alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting XSS in /public/admin/editroom.php which allows an attacker to inject and execute arbitrary JavaScript via the roomid GET parameter...

CVE-2026-32196

Improper neutralization of input during web page generation 'cross-site scripting' in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-0209

Under certain administrative conditions, FlashArray Purity may apply snapshot retention policies earlier or later than configured...

CVE-2026-24907

October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting XSS vulnerability in the Event Log mail preview feature. When viewing logged mail messages, HTML content was rendered in an iframe without proper sandboxing,...

Exploit for CVE-2025-24000

CVE-2025-24000 — Post SMTP Privilege Escalation Exploit Ov...

CVE-2026-32196

Improper neutralization of input during web page generation 'cross-site scripting' in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network...