3 matches found
CVE-2026-30882
Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting (XSS) vulnerability in the session category listing page. The keyword parameter from $_REQUEST is echoed directly into an HTML href attribute without any encoding or...
CVE-2023-44401
The Silverstripe CMS GraphQL Server serves Silverstripe data as GraphQL representations. In versions 4.0.0 prior to 4.3.7 and 5.0.0 prior to 5.1.3, canView permission checks are bypassed for ORM data in paginated GraphQL query results where the total number of records is greater than the number o...
PT-2023-10633 · Mobile Vikings · Mobile Vikings Django Ajax Utilities
Name of the Vulnerable Software and Affected Versions: Mobile Vikings Django AJAX Utilities versions up to 1.2.1. Description: A problematic issue affects the Pagination function of the django ajax/static/ajax-utilities/js/pagination.js file in the Backslash Handler component. The manipulation of...