CVE-2026-35488

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.hasobjectpermission returns True for all HTTP methods —...

CVE-2017-17448

net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net namespaces...

campus virtual-lms (xss/SQL Injection) Multiple Vulnerabilities

No description provided by source. +-----------------------------------------------------------------------------+ LMS: Campus Virtual-LMS WEB: http://campusvirtualcomputrade.cae.net Autor: Yasión Fecha: 12 jun 2009 +-----------------------------------------------------------------------------+...

CVE-2009-2149

Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...