61318 matches found
CVE-2026-15377
A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-15377
Technical details about CVE-2026-15377 are not publicly available in the provided documents; monitor for future updates.
CVE-2026-15377 Eleveo Call Recording Software sendlogfile improper authorization
A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-15375
CVE-2026-15375 affects Eleveo Call Recording Software 9.7.0, targeting the LDAP User Interface component via the file /callrec/users_ldap.jsp. The issue is described as improper authorization, with remote initiation possible and public exploit disclosure. The record notes that the vendor was cont...
EUVD-2026-42925
A vulnerability has been found in Eleveo Call Recording Software 9.7.0. This impacts an unknown function of the file /callrec/usersldap.jsp of the component LDAP User Interface. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed ...
CVE-2026-15319
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/accesscontrol.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit...
EUVD-2026-42775
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. This affects the function IPAllowlist of the file web/backend/middleware/accesscontrol.go of the component Launcher. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit...
EUVD-2026-42655
A security vulnerability has been detected in YzmCMS up to 7.5. Affected is the function geturl of the file /yzmphp/yzmphp.php of the component Header Handler. The manipulation of the argument HTTPHOST leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2026-15193
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
CVE-2026-15192
A vulnerability has been found in mettle sendportal up to 3.0.1. This issue affects the function sendgrid/postmark/postal/mailjet of the component APIv1 Webhooks. The manipulation leads to missing authentication. The attack is possible to be carried out remotely. The exploit has been disclosed to...
CVE-2026-15192
A vulnerability has been found in mettle sendportal up to 3.0.1. This issue affects the function sendgrid/postmark/postal/mailjet of the component APIv1 Webhooks. The manipulation leads to missing authentication. The attack is possible to be carried out remotely. The exploit has been disclosed to...
CVE-2026-15134
CodeAstro Simple Online Leave Management System 1.0 contains a SQL injection vulnerability in the /SimpleOnlineLeave/index.php endpoint, triggered by manipulating the email parameter. The issue is exploitable remotely over the network, with Proof-of-Concept exploits observed. The CVSS data indica...
CVE-2026-15036
A vulnerability was determined in Harness up to 2.28.2. This vulnerability affects the function getAuthorizedSpaces of the file app/api/controller/gitspace/listall.go of the component gitspaces Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotel...
CVE-2026-11328
creationtimestamp| type| source ---|---|--- 2026-07-07 04:51:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpzsm2qgcy2y 2026-07-07 13:16:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mq2osqsegt2p 2026-07-07 13:22:18+00:00| seen|...
EUVD-2026-41808
A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2026-14797 CodeAstro Apartment Visitor Management System edit-apartment.php sql injection
A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2026-14797
A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...
CVE-2026-14797
CodeAstro Apartment Visitor Management System 1.0 contains a SQL injection in /apartment-visitor/edit-apartment.php via manipulated editid. The vulnerability is remotely exploitable and affects unknown code paths in the file. Publicly disclosed exploits exist. The CVSS metrics indicate a network-...
EUVD-2026-41806
A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...
EUVD-2026-41789
A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...