EUVD-2026-33835

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function addreview/savereview/getallreviews of the file reviewapp.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approac...

CVE-2026-44410

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a malicious user to gain unauthorized access to the application’s functions.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the application’s functions...

Unauthorized Access

libreoffice allows unauthorized access to application functions. The remote resources protection module is not applied to bullet graphics, allowing any user to enable stealth mode to retrieve remote resources...

WHMCompleteSolution (WHMCS) 5.0 - Cross-Site Request Forgery (Multiple Application Function)

source: https://www.securityfocus.com/bid/53740/info WHMCS is prone to a cross-site scripting vulnerability and multiple HTML-parameter-pollution vulnerabilities because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the...