CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

660 matches found

CVE-2026-12788

A vulnerability was determined in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This vulnerability affects unknown code of the file /adpweb/a/base/barcodeDetail/import of the component XML Parser. This manipulation causes xml external entity reference. It is possible to...

6.5CVSS0.00237EPSS

Exploits0References5

Cvelist•added 4 days ago•32 views

CVE-2026-12788 zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 XML Parser import xml external entity reference

6.5CVSS0.00237EPSS

Exploits0References5

EUVD•added 4 days ago•8 views

EUVD-2026-38152

6.5CVSS6.2AI score0.00237EPSS

Exploits0References5

Github Security Blog•added 2026/06/05 8:35 p.m.•22 views

Shopper: Multiple data integrity and disclosure issues in admin Livewire components

Impact Three related defects on admin Livewire components allowed data tampering, sensitive data disclosure, and stored XSS: - IDOR via unlocked properties. Several Livewire components in the admin panel exposed Eloquent model identifiers as public properties without the Locked attribute. An...

5.6AI score0.00029EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/06/05 7:14 p.m.•8 views

CVE-2026-4880

The Barcode Scanner +Mobile App – Inventory manager, Order fulfillment system, POS Point of Sale plugin for WordPress is vulnerable to privilege escalation via insecure token-based authentication in all versions up to, and including, 1.11.0. This is due to the plugin trusting a user-supplied...

9.8CVSS5.5AI score0.00503EPSS

Exploits0References1

Positive Technologies•added 2026/06/05 12:0 a.m.•15 views

PT-2026-47090

8.7CVSS5.6AI score0.00029EPSS

Exploits0References4

CNNVD•added 2026/06/04 12:0 a.m.•4 views

Seagull BarTender 代码问题漏洞

Seagull BarTender is an enterprise-level labeling, barcode, and RFID design and printing software developed by Seagull Corporation in the United States. Versions of Seagull BarTender from 2.1 to 12.1.1 contain code-related vulnerabilities. These vulnerabilities stem from insecure deserialization...

8.5CVSS5.5AI score0.0013EPSS

Exploits0References3

Rosalinux•added 2026/06/01 11:12 a.m.•9 views

Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

7.5CVSS5.8AI score0.00477EPSS

Exploits1

OSV•added 2026/05/18 4:34 p.m.•1 views

GHSA-F946-9QP6-VGCH shopper/framework: Authorization bypass in multiple Livewire admin components

Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...

8.1CVSS5.8AI score0.00258EPSS

Exploits0References7

RedhatCVE•added 2026/05/12 2:21 p.m.•8 views

CVE-2026-42645

Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Cross Site Request Forgery.This issue affects Barcode Scanner with Inventory & Order Manager: fro...

4.3CVSS5.8AI score0.001EPSS

Exploits0References1

Vulnrichment•added 2026/05/04 5:39 p.m.•3 views

CVE-2026-32834 Easy PayPal Events & Tickets < 1.4 Authentication Bypass via QR Code Scanning

Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash parameter. Attackers can...

8.7CVSS5.9AI score0.00448EPSS

Exploits0References3

NVD•added 2026/04/29 12:16 p.m.•3 views

CVE-2026-42645

4.3CVSS0.001EPSS

Exploits0References1

Vulnrichment•added 2026/04/29 10:40 a.m.•1 views

CVE-2026-42645 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.11.0 - Cross Site Request Forgery (CSRF) vulnerability

4.3CVSS5.1AI score0.001EPSS

Exploits0References1

Cvelist•added 2026/04/29 10:40 a.m.•26 views

CVE-2026-42645 WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.11.0 - Cross Site Request Forgery (CSRF) vulnerability

4.3CVSS0.001EPSS

Exploits0References1

EUVD•added 2026/04/29 10:40 a.m.•2 views

EUVD-2026-26216

4.3CVSS5.1AI score0.001EPSS

Exploits0References1

ATTACKERKB•added 2026/04/29 10:40 a.m.•1 views

CVE-2026-42645

4.3CVSS5.1AI score0.001EPSS

Exploits0References2

CVE•added 2026/04/29 10:40 a.m.•7 views

CVE-2026-42645

CVE-2026-42645 affects the WordPress plugin Barcode Scanner with Inventory & Order Manager (component: barcode-scanner-lite-pos-to-manage-products-inventory-and-orders) for versions up to 1.11.0 . The issue is a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to trigg...

4.3CVSS5.1AI score0.001EPSS

Exploits0References1

Positive Technologies•added 2026/04/29 12:0 a.m.•4 views

PT-2026-35904

4.3CVSS5.1AI score0.001EPSS

Exploits0References1

CNNVD•added 2026/04/29 12:0 a.m.•8 views

WordPress Plugin Barcode Scanner with Inventory & Order Manager 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.001EPSS

Exploits0References1