CVE-2026-40484 ChurchCRM: Authenticated Remote Code Execution via Unrestricted PHP File Write in Database Restore Function
ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...
EUVD-2026-23597 (same ChurchCRM advisory as CVE-2026-40484 above)
CVE-2026-40301
Summary of CVE-2026-40301: the PHP library rhukster/dom-sanitizer, prior to version 1.0.10, has a flaw where DOMSanitizer::sanitize() does not inspect the text content of elements inside SVG. As a result, CSS rules using url() and @import can reference attacker-contr...
ctf-writeups-Doli1
🛡️ Doli 1 — CTF Writeup VulnHub VAPT Report For...
CVE-2026-6496 prasathmani TinyFileManager POST Parameter filemanager.php path traversal
A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argument file results in path traversal. The attack may be performed from remote. The exploit has been...
CVE-2026-6487 Qihui jtbc5 CMS Code Endpoint manage.php path traversal
A flaw has been found in Qihui jtbc5 CMS 5.0.3.6. Affected is an unknown function of the file /dev/code/common/diplomat/manage.php of the component Code Endpoint. Manipulation of the argument path causes path traversal. The attack can be carried out remotely. The exploit has been...
CVE-2026-6489
A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...
CVE-2026-6488
CVE-2026-6488 affects QueryMine sms, specifically the admin/editcourse.php code path under the GET Request Parameter Handler. The root cause is SQL injection triggered by manipulating the argument ID, allowing remote exploitation. Public exploit appears to be available; the disclosure notes rolli...
CVE-2026-6486
CVE-2026-6486 affects classroombookings up to version 2.17.0; the read() function in crbs-core/application/views/layout.php (User Display Name Handler) is vulnerable to cross-site scripting via the displayname argument. Exploitation is possible remotely, and a proof of concept is documented. A fix i...
QiHui JBTC CMS security vulnerability
QiHui JBTC CMS is an open-source content management system developed by QiHui. Version 5.0.3.6 of QiHui JBTC CMS contains a security vulnerability. The vulnerability stems from an unknown function in the component Code Endpoint, which improperly handles the path parameter in the...
TinyFileManager security vulnerability
TinyFileManager is a web-based file manager developed by Prasathmani. It allows for online storage, uploading, editing, and management of files and folders through a web browser. Versions of TinyFileManager 2.6 and earlier contained security vulnerabilities, which stemmed from the handling of the...
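The ChurchCRM, TinyFileManager, jtbc5 CMS and QueryMine entries above share two missing checks: a user-influenced path must stay inside one base directory, and a file copied into the document root must not carry an executable extension. The following is an added example (not code from any of those projects) that implements both checks; it assumes PHP 8 and uses a temporary directory as a stand-in for the web root.

```php
<?php
// Added example, not code from ChurchCRM, TinyFileManager, jtbc5 CMS or QueryMine sms.
// Two checks the advisories above describe as missing: a user-influenced path
// must resolve inside one base directory, and anything placed in the web root
// must have an extension the server serves as static content, never as PHP.

declare(strict_types=1);

/**
 * Resolve $userPath relative to $baseDir and return the absolute path only if it
 * stays inside $baseDir. Returns null on any traversal attempt. A leading "/"
 * in $userPath is treated as relative to the base, not as an absolute path.
 */
function containedPath(string $baseDir, string $userPath): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // NUL bytes truncate paths in C-level APIs; reject them outright.
    if (strpos($userPath, "\0") !== false) {
        return null;
    }
    // Normalise "." and ".." textually so a not-yet-existing target (an upload
    // destination) can still be checked before anything is written.
    $parts = [];
    foreach (explode('/', str_replace('\\', '/', $userPath)) as $seg) {
        if ($seg === '' || $seg === '.') {
            continue;
        }
        if ($seg === '..') {
            if (array_pop($parts) === null) {
                return null; // climbed above the base directory
            }
            continue;
        }
        $parts[] = $seg;
    }
    $candidate = $base . DIRECTORY_SEPARATOR . implode(DIRECTORY_SEPARATOR, $parts);
    // For targets that already exist, also resolve symlinks, which a purely
    // textual check cannot see.
    $resolved = realpath($candidate);
    if ($resolved !== false) {
        $candidate = $resolved;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return ($candidate === $base || str_starts_with($candidate, $prefix)) ? $candidate : null;
}

/**
 * Allow-list of extensions the web server serves as static content. Every
 * dot-separated segment after the base name is checked, so "shell.php.jpg"
 * fails as well as "shell.php" (some Apache AddHandler setups execute the former).
 */
function isSafeStaticName(string $name): bool
{
    $allowed  = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
    $segments = explode('.', basename($name));
    array_shift($segments); // drop the base name, keep only extensions
    if ($segments === []) {
        return false; // no extension at all: refuse rather than guess
    }
    foreach ($segments as $ext) {
        if (!in_array(strtolower($ext), $allowed, true)) {
            return false;
        }
    }
    return true;
}

// Constructed inputs: a scratch "web root" under the system temp directory.
$webRoot = sys_get_temp_dir() . '/demo_webroot';
@mkdir($webRoot . '/Images', 0700, true);

var_dump(containedPath($webRoot, 'Images/logo.png'));
var_dump(containedPath($webRoot, '../../etc/passwd'));
var_dump(containedPath($webRoot, 'Images/../../x.txt'));
var_dump(isSafeStaticName('logo.png'));
var_dump(isSafeStaticName('shell.php'));
var_dump(isSafeStaticName('shell.php.jpg'));
```

A restore or upload routine would call both functions before any copy: the destination from containedPath() and only names that pass isSafeStaticName(). Doing the extension check on the destination name rather than the archive's claimed MIME type matters, because the archive contents are attacker-controlled in the ChurchCRM case.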
PT-2026-33449
Vulnerable software and affected versions: QueryMine sms, versions up to 7ab5a9ea196209611134525ffc18de25c57d9593. Description: remote SQL injection is possible via the GET Request Parameter Handler in the 'admin/editcourse.php' file. The issue occurs when the ID argument is manipulated,...
WordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Eldon versions <= 1.4.1...
WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Reina versions <= 2.1...
WordPress ShiftUp theme <= 1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme ShiftUp versions <= 1.3...
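The three theme advisories above are the same bug class: unserialize() applied to attacker-controlled data. The following added example (not code from the Eldon, Reina or ShiftUp themes) shows why that is exploitable even when the application never references the injected class, and what the allowed_classes option changes. The Gadget class and the payload are constructed for the demonstration.

```php
<?php
// Added example, not code from the Eldon, Reina or ShiftUp themes.
// Gadget stands in for any class in the application or its dependencies whose
// magic methods act on attacker-set properties; such classes are what makes
// unserialize() of untrusted data a code-execution primitive.

declare(strict_types=1);

final class Gadget
{
    public string $path = '';
    public string $data = '';

    // Runs when the object is released, i.e. right after unserialize() returns
    // and the result is discarded, with whatever values the payload set.
    public function __destruct()
    {
        if ($this->path !== '') {
            file_put_contents($this->path, $this->data);
        }
    }
}

// A payload an attacker would place in a cookie, option value or form field.
// Constructed here: a serialised Gadget pointing at a file under the temp dir.
$target  = sys_get_temp_dir() . '/poi_demo.txt';
$payload = 'O:6:"Gadget":2:{s:4:"path";s:' . strlen($target) . ':"' . $target
         . '";s:4:"data";s:5:"pwned";}';

// Vulnerable pattern: unserialize() on user input. No code calls Gadget, yet
// its destructor fires and writes the file.
@unlink($target);
$obj = unserialize($payload);
unset($obj);
var_dump(file_exists($target));

// Hardened: forbid object instantiation entirely. The class is replaced by
// __PHP_Incomplete_Class, so none of Gadget's magic methods can run.
@unlink($target);
$obj = unserialize($payload, ['allowed_classes' => false]);
var_dump($obj instanceof __PHP_Incomplete_Class);
unset($obj);
var_dump(file_exists($target));

// For plain data, a format with no class semantics (JSON) removes the risk
// altogether; allowed_classes => false is the fix when serialize() must stay.
```

In a real WordPress theme the write goes to a file name the attacker chooses, and in a real application the gadget is usually a library class rather than one the theme defined, which is why "we never unserialize objects of dangerous classes" is not a defence: unserialize() instantiates whatever the payload names.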
EUVD-2026-23262
SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managepark.php...
CVE-2026-6409
A denial-of-service (DoS) vulnerability exists in the Protobuf PHP library when parsing untrusted input. Maliciously structured messages, specifically those containing negative varints or deep recursion, can crash the application, impacting service availability...
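The two hazards named in the CVE-2026-6409 summary are properties of the protobuf wire format itself, so a reader of untrusted messages has to bound them explicitly. The following is an added example (not code from the Protobuf PHP library): a minimal wire-format reader that caps varint length, refuses a length prefix that decodes negative or overruns the buffer, and caps nesting depth. Treating field 1 as an embedded message and all other length-delimited fields as opaque bytes is an assumption for the demo, since a schema-less reader cannot know which is which.

```php
<?php
// Added example, not code from the Protobuf PHP library. Bounded reader for the
// protobuf wire format; field 1 is assumed (for the demo) to be a sub-message.

declare(strict_types=1);

const MAX_VARINT_BYTES = 10; // a valid 64-bit varint never exceeds 10 bytes
const MAX_DEPTH        = 64; // nesting cap; upstream protobuf defaults to 100

final class MalformedMessage extends RuntimeException {}

/** Read one varint at $pos, advancing $pos. May return a negative int
 *  (bit 63 set), which is legitimate for int64 values but never for lengths. */
function readVarint(string $buf, int &$pos): int
{
    $result = 0;
    $len    = strlen($buf);
    for ($i = 0; $i < MAX_VARINT_BYTES; $i++) {
        if ($pos >= $len) {
            throw new MalformedMessage('truncated varint');
        }
        $byte    = ord($buf[$pos++]);
        $result |= ($byte & 0x7f) << (7 * $i);
        if (($byte & 0x80) === 0) {
            return $result;
        }
    }
    throw new MalformedMessage('varint exceeds ' . MAX_VARINT_BYTES . ' bytes');
}

/** A length prefix must be non-negative and fit in the remaining bytes. */
function readLength(string $buf, int &$pos): int
{
    $n = readVarint($buf, $pos);
    if ($n < 0 || $n > strlen($buf) - $pos) {
        throw new MalformedMessage('negative or oversized length prefix');
    }
    return $n;
}

function parseMessage(string $buf, int $depth = 0): array
{
    if ($depth > MAX_DEPTH) {
        throw new MalformedMessage('nesting deeper than ' . MAX_DEPTH);
    }
    $pos    = 0;
    $len    = strlen($buf);
    $fields = [];
    while ($pos < $len) {
        $tag = readVarint($buf, $pos);
        if ($tag <= 0) {
            throw new MalformedMessage('invalid tag');
        }
        $fieldNo = $tag >> 3;
        $wire    = $tag & 7;
        switch ($wire) {
            case 0: // varint
                $fields[$fieldNo][] = readVarint($buf, $pos);
                break;
            case 1: // fixed64
            case 5: // fixed32
                $size = $wire === 1 ? 8 : 4;
                if ($len - $pos < $size) {
                    throw new MalformedMessage('truncated fixed-width field');
                }
                $fields[$fieldNo][] = substr($buf, $pos, $size);
                $pos += $size;
                break;
            case 2: // length-delimited: bytes, string or embedded message
                $n     = readLength($buf, $pos);
                $chunk = substr($buf, $pos, $n);
                $pos  += $n;
                $fields[$fieldNo][] = $fieldNo === 1 ? parseMessage($chunk, $depth + 1) : $chunk;
                break;
            default:
                throw new MalformedMessage('unsupported wire type ' . $wire);
        }
    }
    return $fields;
}

/** Encoder for non-negative ints, used only to build the nesting test case. */
function encodeVarint(int $n): string
{
    $out = '';
    do {
        $b   = $n & 0x7f;
        $n >>= 7;
        $out .= chr($n > 0 ? $b | 0x80 : $b);
    } while ($n > 0);
    return $out;
}

// Constructed inputs: one valid message and the malformed shapes the advisory names.
$cases = [
    'well-formed'     => "\x10\xAC\x02\x0A\x02\x10\x01",          // field 2 = 300, field 1 = {field 2 = 1}
    'endless varint'  => str_repeat("\x80", 11),                   // continuation bit never clears
    'negative length' => "\x0A" . str_repeat("\xFF", 9) . "\x01",  // 10-byte varint, decodes to -1
    'overlong length' => "\x0A\x7F\x00",                           // claims 127 bytes, has 1
];
$deep = '';
for ($i = 0; $i < 1000; $i++) {                                    // 1000 nested field-1 messages
    $deep = "\x0A" . encodeVarint(strlen($deep)) . $deep;
}
$cases['deep nesting'] = $deep;

foreach ($cases as $name => $buf) {
    try {
        parseMessage($buf);
        echo "$name: accepted\n";
    } catch (MalformedMessage $e) {
        echo "$name: rejected (" . $e->getMessage() . ")\n";
    }
}
```

The 'negative length' case is the one to note: nine 0xFF bytes plus 0x01 is a syntactically valid 10-byte varint whose value is -1 as a signed 64-bit integer, and a reader that feeds that straight into substr() or an allocation size behaves unpredictably; checking the sign and the remaining buffer before using a length closes that hole regardless of what the caller's schema says.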
CVE-2026-37338
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/viewuser.php...
CVE-2026-37340
SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/editmusic.php...
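The QueryMine editcourse.php and SourceCodester entries above all splice a request parameter into SQL text. The following added example (not code from QueryMine sms or the SourceCodester projects) reproduces that pattern next to the prepared-statement fix, against an in-memory SQLite database so it runs offline; it assumes the pdo_sqlite extension, and the table, rows and attack string are constructed for the demo.

```php
<?php
// Added example, not code from QueryMine sms or the SourceCodester projects.
// The vulnerable function mirrors the editcourse.php pattern ($_GET['ID']
// concatenated into the query); the safe one validates and binds the value.

declare(strict_types=1);

$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE course (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO course VALUES (1, 'Algebra'), (2, 'Physics'), (3, 'Restricted')");

/** Vulnerable: the parameter becomes part of the SQL grammar. */
function fetchCourseVulnerable(PDO $db, string $id): array
{
    $sql = "SELECT id, name FROM course WHERE id = $id";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

/** Hardened: the SQL text is constant; the value is type-checked, then bound. */
function fetchCourseSafe(PDO $db, string $id): array
{
    $n = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($n === false) {
        throw new InvalidArgumentException('ID must be a positive integer');
    }
    $stmt = $db->prepare('SELECT id, name FROM course WHERE id = :id');
    $stmt->bindValue(':id', $n, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$legit  = '2';
$attack = '2 OR 1=1'; // constructed payload for the ID parameter

// With the payload, the OR clause makes the WHERE true for every row, so the
// vulnerable query also returns the row the caller was never meant to see.
print_r(fetchCourseVulnerable($db, $legit));
print_r(fetchCourseVulnerable($db, $attack));

// The safe path returns the one legitimate row and refuses the payload before
// it reaches the database at all.
print_r(fetchCourseSafe($db, $legit));
try {
    fetchCourseSafe($db, $attack);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

Binding alone would already stop the injection (the whole string would be compared as a value, matching nothing); the integer validation is there because an identifier that is not a positive integer is a request error worth rejecting explicitly rather than silently returning an empty result.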