CVE-2026-36947

CVE-2026-36947 affects Sourcecodester Computer and Mobile Repair Shop Management System v1.0. The vulnerability is a SQL Injection in /rsms/admin/services/view_service.php. CVSS v3.1 base score 2.7 (LOW) with network attack vector, low complexity, requiring high privileges and no user interaction...

📄 WBCE CMS Privilege Escalation / Insecure Direct Object Reference

WBCE CMS versions prior to 1.6.4 suffers from insecure direct object reference and privilege escalation vulnerabilities. CVE-2025-65094: WBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation IDOR Overview | Field | Details | |---|---| | CVE ID | CVE-2025-65094 | | Severity | HI...

PT-2026-32378

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been ma...

VulnCheck KEV: CVE-2026-27175

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated OS command injection via rc/index.php. The $param variable from user input is interpolated into a command string within double quotes without sanitization via escapeshellarg. The command is inserted into a database queue by...

PT-2026-32515

Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, there is an SQL injection vulnerability in the Commerce TotalRevenue widget which allows any authenticated control panel user to achieve remote code execution through a four-step...

SourceCodester Cab Management System 安全漏洞

SourceCodester Cab Management System is an open-source taxi management system developed by SourceCodester. Version 1.0 of the SourceCodester Cab Management System has a security vulnerability, which stems from SQL injection in the /cms/admin/bookings/viewbooking.php file...

PT-2026-32494

Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directories and execute th...

PT-2026-32355

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view details.php...

UBUNTU-CVE-2019-25710

Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malicious SQL code through the rowid POST parameter to extract sensitive database information using...

CVE-2019-25710 Dolibarr ERP-CRM 8.0.4 SQL Injection via rowid Parameter

Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malicious SQL code through the rowid POST parameter to extract sensitive database information using...

CVE-2019-25703

CVE-2019-25703 affects ImpressCMS 1.3.11. A time-based blind SQL injection exists in the bid parameter accessed via admin.php, allowing an authenticated user to manipulate queries and extract data. The vulnerability arises from improper handling of the bid input, enabling SQL commands to be injec...

CVE-2019-25697

CMSsite 1.0 contains an SQL injection vulnerability exploitable via the cat_id parameter on category.php. Unauthenticated attackers can inject SQL to manipulate queries and exfiltrate sensitive data, including usernames and credentials. Impact is high for confidentiality and integrity, with succe...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: php: php-8.5.5-1.1.hum1 aarch64, x8664 php-bcmath-8.5.5-1.1.hum1 aarch64, x8664 php-cli-8.5.5-1.1.hum1 aarch64, x8664 php-common-8.5.5-1.1.hum1 aarch64, x8664 php-dba-8.5.5-1.1.hum1 aarch64, x866...

Cross-site Scripting (XSS)

Overview rhukster/dom-sanitizer is an a simple but effective DOM/SVG/MathML Sanitizer for PHP 7.4+. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the sanitize process. An attacker can cause the browser to send HTTP requests to attacker-controlled hosts, exfiltrat...

CVE-2026-33618

Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray method uses PHP's eval to parse platform settings from the database. An attacker with admin access obtainable via Advisory 1 can inject arbitrary PHP code into the settings,...

CVE-2026-33704 Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint

Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user including students can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw POST body becomes the file content. While .php extensions are...

CVE-2026-32931

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its...

CVE-2026-32892

CVE-2026-32892 affects Chamilo LMS before 1.11.38 and 2.0.0-RC.3. The vulnerability is an OS command injection in the move() function of fileManage.lib.php, where user-controlled path values are concatenated into shell commands (e.g., exec("mv $source $target")) without escaping. The move_to POST...

CVE-2026-32931 Chamilo LMS has Arbitrary File Upload via MIME-Only Validation in Exercise Sound Upload Leads to RCE

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its...

CVE-2026-32931 Chamilo LMS has Arbitrary File Upload via MIME-Only Validation in Exercise Sound Upload Leads to RCE

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its...