Linux Distros Unpatched Vulnerability : CVE-2026-37712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the...

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

CVE-2026-6572

A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remot...

CVE-2026-6572 Collabora KodExplorer fileUpload Endpoint share.class.php improper authorization

A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remot...

PT-2026-33630

A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remot...

kodcloud KodExplorer 安全漏洞

KodCloud KodExplorer is a web file manager provided by the Chinese company KodCloud. Versions of KodCloud KodExplorer 4.52 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the handling of the path parameter in files/app/controller/share.class.php, which could lea...

CVE-2026-4831 kalcaddle kodbox Password-protected Share auth.class.php can improper authentication

A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the component Password-protected Share Handler. Performing a manipulation results in improper authentication. The attack is...

CVE-2025-15187

GreenCMS up to version 2.3 is affected by a path traversal in the File Handler’s DataController.class.php, where manipulating sqlFiles/zipFiles enables traversal. The issue is remote and publicly exploitable; affected products are no longer supported by the maintainer. No remediation or fixed ver...

CVE-2025-13468 SourceCodester Alumni Management System Delete admin_class.php delete_event authorization

A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function deleteforum/deletecareer/deletecomment/deletegallery/deleteevent of the file admin/adminclass.php of the component Delete Handler. Executing manipulation of the argument ID can lead to...

CVE-2025-13198

CVE-2025-13198 affects DouPHP up to version 1.8 Release 20251022. The vulnerability is tied to the file upload/include/file.class.php component, where manipulation of the File argument enables unrestricted file uploads. This enables remote exploitation, with public disclosure of the exploit. Reme...

CVE-2025-12853

A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function deletehouse of the file /adminclass.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

CVE-2025-12853

The CVE-2025-12853 issue affects SourceCodester Best House Rental Management System version 1.0, specifically the delete_house function in /admin_class.php. A manipulation of the ID parameter enables SQL injection, with remote exploitability and publicly disclosed exploits. Multiple feeds corrobo...

EUVD-2025-37469

A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function deletepayment of the file /adminclass.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

PT-2025-44747

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A weakness exists in the software that allows for SQL injection. The issue is located in the delete payment function within the /admin class.php file. Manipulation of t...

CVE-2025-12598

A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function savetenant of the file /adminclass.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been...

SourceCodester Best House Rental Management System SQL注入漏洞

SourceCodester Best House Rental Management System is a SourceCodester open source house rental management system. SourceCodester Best House Rental Management System version 1.0 exists SQL injection vulnerability, the vulnerability stems from the file /adminclass.php function savetenant on the...

PT-2025-44735

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in the software that allows for remote SQL injection. The issue is located in the save category function within the /admin class.php file. Manipulation of...

CVE-2025-12226

CVE-2025-12226 affects SourceCodester Best House Rental Management System 1.0. The flaw is in admin_class.php: the save_house function is vulnerable to SQL injection via manipulation of the house_no parameter. This enables remote exploitation; public exploits are noted in sources. A remediation/r...

PT-2025-43868

Name of the Vulnerable Software and Affected Versions SourceCodester Best House Rental Management System version 1.0 Description A flaw exists in SourceCodester Best House Rental Management System 1.0 that allows for remote SQL injection. The issue is located within the login2 function of the...

CVE-2025-10782

A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/class.php. Performing manipulation of the argument classname results in sql injection. The attack is possible to be carried out remotely. The exploit has been...