Lucene search
+L

70 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-12994

The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.7.27. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attacker...

5.3CVSS0.00361EPSS
Exploits0References12
NVD
NVD
added 6 days ago6 views

CVE-2026-10041

The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.27 via the wcfmproductarchive due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

4.3CVSS0.0025EPSS
Exploits0References12
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-43156

The WCFM – Frontend Manager for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.7.27. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attacker...

5.3CVSS6.2AI score0.00361EPSS
Exploits0References12
CVE
CVE
added 6 days ago18 views

CVE-2026-12994

Technical details are not publicly available in the provided documents. The description summarizes the vulnerability but lacks concrete affected versions, components, and remediation specifics beyond general impact. Monitor for updates.

5.3CVSS6.2AI score0.00361EPSS
Exploits0References12
ICS
ICS
added 2026/06/09 12:0 a.m.10 views

Siemens Products using OpenSSL

SUMMARY OpenSSL has published a stack based buffer overflow vulnerability that allows a remote attacker to cause a denial of service DoS or potentially allow for remote code execution. Siemens has released new versions for several affected products and recommends to update to the latest...

9.8CVSS6.6AI score0.47621EPSS
Exploits7References10
RedhatCVE
RedhatCVE
added 2026/04/14 1:22 a.m.9 views

CVE-2026-36946

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/viewdetails.php...

2.7CVSS5.8AI score0.00284EPSS
Exploits1References1
ICS
ICS
added 2026/04/14 12:0 a.m.13 views

Siemens SINEC NMS

SUMMARY SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary user account. Siemens has released a new version for SINEC NMS and recommends to update to...

8.8CVSS5.9AI score0.00453EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/13 3:31 p.m.6 views

EUVD-2026-21966

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/viewdetails.php...

2.7CVSS5.8AI score0.00284EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.7 views

PT-2026-32355

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view details.php...

5.8AI score0.00284EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/13 12:0 a.m.34 views

CVE-2026-36946

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/viewdetails.php...

0.00284EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10556

Malicious code in bioql PyPI...

7.6CVSS8.2AI score0.00483EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-36099

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00909EPSS
Exploits1References1
OSV
OSV
added 2025/06/27 4:15 p.m.6 views

CVE-2025-50370

A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...

6.5CVSS5.8AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:47 a.m.5 views

CVE-2023-30415

Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/viewinquiry.php...

9.8CVSS8.5AI score0.00838EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:34 p.m.5 views

CVE-2022-44347

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/viewinquiry=...

7.2CVSS8AI score0.00726EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/11 5:32 p.m.7 views

CVE-2025-32685

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection.This issue affects WP Inquiries: from n/a through = 0.2.1...

7.6CVSS7.3AI score0.00483EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 5:15 p.m.21 views

CVE-2025-32685

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection.This issue affects WP Inquiries: from n/a through = 0.2.1...

7.6CVSS0.00483EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 4:9 p.m.7 views

CVE-2025-32685 WordPress WP Inquiries plugin <= 0.2.1 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection.This issue affects WP Inquiries: from n/a through = 0.2.1...

7.6CVSS8.9AI score0.00483EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 4:9 p.m.66 views

CVE-2025-32685

CVE-2025-32685 is an authenticated SQL injection vulnerability in the WordPress plugin WP Inquiries (WP Inquiries

7.6CVSS7.3AI score0.00483EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 4:9 p.m.18 views

CVE-2025-32685 WordPress WP Inquiries plugin <= 0.2.1 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection.This issue affects WP Inquiries: from n/a through = 0.2.1...

7.6CVSS0.00483EPSS
Exploits0References1
Rows per page
Query Builder