CVE-2026-7567 Temporary Login <= 1.0.0 - Authentication Bypass to Account Takeover

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybelogintemporaryuser function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before...

PT-2026-1802

Name of the Vulnerable Software and Affected Versions Asseco ADMX versions prior to 6.09.01.62 Description The Asseco ADMX system, used for processing medical records, allows authenticated users to access medical files belonging to other users. This is achieved by manipulating GET arguments...

EUVD-2017-3040

Malware in sbrugna...

EUVD-2023-32309

Malicious code in bioql PyPI...

OAuth Identity XWiki App Cross-Site Scripting Vulnerability

OAuth Identity XWiki App is an open source XWiki SAS library of essential elements for building identities and service providers based on OAuth authorization. A cross-site scripting vulnerability exists in OAuth Identity XWiki App, which stems from the identityOAuth parameter sent in a GET reques...

Expert Restaurant eCommerce 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Pornhub: xss

The researcher found a GET parameter, the value of which was output in the page source, resulting in XSS...