11401 matches found
CVE-2026-5560
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Demonstration of the Log4jShell Exploit This code may contain...
PT-2026-30734
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...
EUVD-2026-19067
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
CVE-2026-5560
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
CVE-2026-5560
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
CVE-2026-5560 PHPGurukul Online Shopping Portal Project Parameter payment-method.php sql injection
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
CVE-2026-5560 PHPGurukul Online Shopping Portal Project Parameter payment-method.php sql injection
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
CVE-2026-5560
CVE-2026-5560 concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerable element is an unknown function in /payment-method.php within the Parameter Handler component. A manipulated paymethod argument enables SQL injection, with remote exploit possibility and a publicly available explo...
PHPGurukul Online Shopping Portal Project SQL注入漏洞
The PHPGurukul Online Shopping Portal Project is an online shopping portal project developed by PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the paymethod parameter...
Beamforming Feedback As a Novel Attack Surface for Wi-Fi Physical-Layer Security
With the rapid evolution of wireless technologies, Wi-Fi has expanded beyond its original role in data transmission to support various emerging applications, particularly in physical-layer security, including device authentication, user authentication, and secret key generation. Despite extensive...
PT-2026-30430
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
Exploit for Deserialization of Untrusted Data in Linuxfoundation Opentelemetry_Instrumentation_For_Java
CVE-2026-33701 — Unsafe Deserialization in OpenTelemetry Java...
UBUNTU-CVE-2026-34933
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version...
CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version...
Juju has a resource poisoning vulnerability
Summary Any authenticated user, machine or controller under a Juju controller can modify the resources of an application within the entire controller. This one is very straightforward to just read in the code: Step 1: The authorisation mechanism for the resource handler is defined here. One is on...
CVE-2026-23451
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
CVE-2026-23451
The CVE-2026-23451 issue affects the Linux kernel bonding subsystem. The vulnerability arises in bond_header_parse(), which can enter an infinite loop when a stack of two bonding devices is configured because skb->dev may point to the hierarchy top. The fix adds a new parameter, const struct n...
CVE-2026-23451 bonding: prevent potential infinite loop in bond_header_parse()
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
PT-2026-30242
Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API method in Piwigo is registered without the admin only option, allowing unauthenticated users to access the full browsing history of all gallery visitors. This issue has been patched...