28448 matches found
CVE-2026-59805
Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticated sellers to manipulate purchase access for other sellers' products by sending PUT requests to the revokeaccess and undorevokeaccess actions without seller ownership...
EUVD-2026-42180
The application opens the PDF, and JavaScript performs operations on the page and the document, causing the page-related objects within the application to lose synchronization; however, the renderer still trusts the outdated page count, and eventually the application crashes due to out-of-bounds...
rConfig 3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because nodes' passwords are stored by default in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10547 info: nam...
Atom CMS v2.0 - SQL Injection
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. id: CVE-2022-24223 info: name: Atom CMS v2.0 - SQL Injection author: theamanrawat severity: critical description: | AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php...
Cobbler - Authentication Bypass
Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be vulnerable to an authentication bypass vulnerability in XMLRPC API /cobblerapi that can result in privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting...
OpenMetadata - Authentication Bypass
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The JwtFilter handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request...
WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection
WordPress RegistrationMagic plugin before 5.0.1.6 contains an authenticated SQL injection vulnerability. The plugin does not escape user input in its rmchronosajax AJAX action before using it in a SQL statement when duplicating tasks in batches. An attacker can possibly obtain sensitive...
XStream 1.4.18 - Remote Code Execution
XStream 1.4.18 is susceptible to remote code execution. An attacker can execute commands of the host by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the...
Doctor Appointment System 1.0 - SQL Injection
SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page. id: CVE-2021-27314 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: critical description: |...
CVE-2026-54893
URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into the URL path /users/from/sendMail without percent-encoding or validation. In applications that derive the from address...
CVE-2026-54893
Swoosh.Adapters.MsGraph is vulnerable to URL path injection via the from-address interpolation into /users/{from}/sendMail without percent-encoding or validation. If from derives from untrusted input, an attacker can inject URL-special characters (/, ?, #) to escape the intended path and rewrite ...
CVE-2026-58467
A flaw was found in Cockpit CMS. This vulnerability, a path traversal and local file inclusion, allows an unauthenticated attacker to read arbitrary files or execute PHP files. By manipulating the URL, an attacker can bypass security checks and access restricted directories. This could lead to...
EUVD-2026-41860
An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user...
CVE-2026-12686
CVE-2026-12686 affects Adiss’s Biloop: an authenticated user can manipulate a company ID in a POST to the backend, bypassing cross-tenant authorization and gaining access to other companies’ data (including billing) and potentially modifying third-party data. Root cause is inadequate verification...
EUVD-2026-41830
Improper Input Validation vulnerability in Apache Camel AWS2-SQS Component. The camel-aws2-sqs component map inbound message attributes into the Camel Exchange through a component-specific HeaderFilterStrategy. Sqs2HeaderFilterStrategy configured only an outbound filter setOutFilterPattern, which...
CVE-2026-14651
A flaw was found in grass, a Sass compiler. This vulnerability allows a local attacker to cause a Denial of Service DoS by manipulating specific functions within the compiler, such as grasscompiler::selector::extend or grasscompiler::evaluate::visitor. This can lead to the compiler becoming...
EUVD-2026-41814
A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...
EUVD-2026-41810
A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...
CVE-2026-14791
A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note Handler. Executing a manipulation of the argument notes can lead to cross site scripting. The attac...
CVE-2026-14791
CVE-2026-14791 affects crater-invoice-inc crater up to 6.0.6. The vulnerability exists in the function getFormattedString of app/Http/Requests/InvoicesRequest.php within the Invoice Note Handler . Manipulating the argument notes may lead to cross-site scripting (XSS) . The attack can be launched ...