CVE-2026-32905

OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin that allows non-owner authorized chat senders to issue device-pairing bootstrap codes without proper scope validation. Attackers with chat command access can create setup codes to enroll...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: caif: fixed a memory leak in cfusbldevicenotify. In the case of a failure in caifenrolldev, the allocated linksupport will not be assigned to the corresponding structure. Therefore, simply free the allocated pointer in case ...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: caif: fixed a memory leak in caifdevicenotify In the event of a failure in caifenrolldev, the allocated linksupport will not be assigned to the corresponding structure. Therefore, simply free the allocated pointer in case of...

WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

CVE-2026-0803

A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The...

CVE-2026-0803

A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The...

CVE-2026-0803 PHPGurukul Online Course Registration System enroll.php sql injection

A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The...

CVE-2026-0803 PHPGurukul Online Course Registration System enroll.php sql injection

A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The...

CVE-2026-0803

CVE-2026-0803 affects the PHPGurukul Online Course Registration System up to version 3.1. The vulnerability lies in the /enroll.php file where manipulating the parameters studentregno, Pincode, session, department, level, course, or sem enables SQL injection. The issue can be exploited remotely, ...

PHPGurukul Online Course Registration System SQL注入漏洞

PHPGurukul Online Course Registration System is an online course registration system from PHPGurukul Inc. A SQL injection vulnerability exists in PHPGurukul Online Course Registration System version 3.1 and earlier, which originates from an incorrect manipulation of the parameters...

PT-2026-2025

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Course Registration System versions up to 3.1 Description A flaw exists in PHPGurukul Online Course Registration System that allows for SQL injection. The issue is located in the /enroll.php file. Manipulating the studentregn...

EUVD-2021-14524

Malware in sbrugna...

EUVD-2021-21704

Malware in sbrugna...

EUVD-2023-31934

Malicious code in bioql PyPI...

EUVD-2024-37764

Malicious code in bioql PyPI...

CVE-2025-10388

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

CVE-2025-10388

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

CVE-2025-10388 Selleo Mentingo Create New Course Basic Settings enroll-course cross site scripting

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

CVE-2025-10388 Selleo Mentingo Create New Course Basic Settings enroll-course cross site scripting

A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown processing of the file /api/course/enroll-course of the component Create New Course Basic Settings. Such manipulation of the argument Description leads to cross site scripting. The attack can be launched...

CVE-2025-10388

The CVE-2025-10388 vulnerability concerns Selleo Mentingo version 2025.08.27. Affected component: Create New Course Basic Settings, specifically the /api/course/enroll-course endpoint. Root cause: manipulation of the Description argument leading to cross-site scripting (XSS). The issue can be exp...