CVE-2026-33431

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...

CVE-2026-40590

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the Change Customer modal exposes a “Create a new customer” flow via POST /customers/ajax with action=create. Under limited visibility, the endpoint drops unique-email validation. If the supplied email already...

CVE-2026-44554

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied collectionname and an overwrite query parameter default: True. It performs no authorization check on whether t...

CVE-2019-25744

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...

CVE-2019-25744 WordPress Popup Builder 3.49 Persistent Cross-Site Scripting

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...

CVE-2019-25744 WordPress Popup Builder 3.49 Persistent Cross-Site Scripting

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...

EUVD-2019-20180

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the posttitle parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads...

PT-2026-46214

WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the post title parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payload...

CVE-2018-25400

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the ajax/formpost.php endpoint with crafted SQL payloads to extract...

CVE-2018-25400 The Open ISES Project 3.30A SQL Injection via form_post.php

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the ajax/formpost.php endpoint with crafted SQL payloads to extract...

CVE-2018-25400 The Open ISES Project 3.30A SQL Injection via form_post.php

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the ajax/formpost.php endpoint with crafted SQL payloads to extract...

CVE-2026-45610 WWBN AVideo plugin/LoginControl/set.json.php: 2FA toggle endpoint has no CSRF protection, letting an attacker page silently disable a logged-in victim's 2FA

WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a cross-site request forgery vulnerability on the 2FA toggle. plugin/LoginControl/set.json.php accepts POST type=set2FA value=false, calls LoginControl::setUser2FAUser::getId, false on the session-authenticated user, and...

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.3 contained security vulnerabilities. These vulnerabilities stemmed from the default empty value of api.apiClientToken in API v4.0, which allowed unverified users to create...

CVE-2026-45083

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unauthenticated network clients and forwarded it to th...

CVE-2026-3481

The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode' parameter in all versions up to and including 0.9.14. This is due to insufficient input sanitization and output escaping in the rendershortcodepreview function. The function receives user inpu...

CVE-2026-3481 WP Blockade <= 0.9.14 - Reflected Cross-Site Scripting via 'shortcode' Parameter

The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode' parameter in all versions up to and including 0.9.14. This is due to insufficient input sanitization and output escaping in the rendershortcodepreview function. The function receives user inpu...

PT-2026-42723

Name of the Vulnerable Software and Affected Versions WP Blockade versions prior to 0.9.15 Description The plugin is subject to Reflected Cross-Site Scripting, a flaw where an application includes untrusted data in a web page without proper validation, allowing attackers to execute scripts in the...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the POST /wikis/wikiName endpoint. An attacker can create or update documents in the target wiki by sending unauthenticated requests to the affected REST endpoint. Remediation Upgrade...

CVE-2026-44554

Open WebUI (self-hosted AI) vulnerability: the POST /api/v1/retrieval/process/web endpoint accepts a user-controlled collection_name with overwrite defaulting to True, and performs no authorization check to verify write access. When overwrite is True, save_docs_to_vector_db calls VECTOR_DB_CLIENT...

CVE-2026-42180

Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is created in a public community, the backend asynchronously sends a Webmention to the attacker-controll...