1478 matches found
CVE-2026-39493 WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability
Unauthenticated SQL Injection in Simply Schedule Appointments = 1.6.9.27 versions...
CVE-2026-39493
CVE-2026-39493 : The WordPress plugin Simply Schedule Appointments (versions
CVE-2026-39447
CVE-2026-39447: Unauthenticated Cross-Site Scripting (XSS) in the WordPress plugin Simply Schedule Appointments (versions
CVE-2026-39447 WordPress Simply Schedule Appointments plugin <= 1.6.10.6 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.10.6 versions...
EUVD-2026-36795
Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert builds an INSERT against HARVESTSITESCHEDULE via string...
PT-2026-49372
Unauthenticated Cross Site Scripting XSS in Simply Schedule Appointments = 1.6.10.6 versions...
PT-2026-49438
Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments 1.6.11.2 versions...
CVE-2026-11504
A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...
CVE-2026-11504
A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...
EUVD-2026-35039
A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...
CVE-2026-11504
A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...
CVE-2026-11504 Tenda CX12L Wi-Fi Schedule Configuration Endpoint openSchedWifi setSchedWifi stack-based overflow
A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...
CVE-2026-11504
The CVE-2026-11504 entry concerns Tenda CX12L firmware 16.03.53.12. The vulnerability exists in the Wi‑Fi Schedule Configuration Endpoint, specifically the setSchedWifi function in /goform/openSchedWifi. Crafting the schedStartTime or schedEndTime argument causes a stack‑based buffer overflow, en...
PT-2026-47267
Name of the Vulnerable Software and Affected Versions Tenda CX12L version 16.03.53.12 Description A stack-based buffer overflow can be triggered remotely via the Wi-Fi Schedule Configuration Endpoint. The issue exists within the setSchedWifi function located in the /goform/openSchedWifi file. Thi...
CVE-2026-43680
A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to bypass a front-end restriction on OS Script schedule types and execute arbitrary operating system commands on the underlying host. This issue is fixed in FileMaker Cloud 2.22.0.5...
CVE-2026-10529
A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling Management Module. Executing a manipulation can...
CVE-2026-6613
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function deleteagent/stopschedule/getscheduledata of the file superagi/controllers/agent.py. The manipulation of the argument agentid leads to authorization bypass. The attack is possible to be carried out...
CVE-2025-40903
A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can define a malicious restore schedule containing HTML tags. When a victim views the affected...
CVE-2026-8364
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-21030
CVE-2026-21030 describes an improper access control issue in MediaTek Audio HAL prior to the SMR Jun-2026 Release 1, enabling local attackers to trigger privileged functions. The affected component is MediaTek Audio HAL; root cause is improper access control, with impact described as privileged a...