3225 matches found
CVE-2026-6208
...
CVE-2026-6208
CVE-2026-6208 entry is rejected/not used and does not represent an active vulnerability.
EUVD-2026-34840
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
PT-2026-46966
Authorization bypass through User-Controlled key vulnerability in HAVELSAN Inc. Geographic Tracking System allows Exploitation of Trusted Identifiers. This issue affects Geographic Tracking System: before v0.0.2...
GHSA-XF4V-W5X5-PV79 Spree: CSV Formula Injection in Customer Export
Summary CSV formula injection also known as formula injection or CSV injection affects customer export. User-controlled values customer names, email addresses, and shipping addresses. When an administrator opens a crafted Export in Microsoft Excel or LibreOffice Calc, formulas embedded in user da...
Spree: CSV Formula Injection in Customer Export
Summary CSV formula injection also known as formula injection or CSV injection affects customer export. User-controlled values customer names, email addresses, and shipping addresses. When an administrator opens a crafted Export in Microsoft Excel or LibreOffice Calc, formulas embedded in user da...
EUVD-2026-34265
A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending on how the value wa...
CVE-2026-10863 MISP User-controlled order parameter in correlations over-correlation endpoint
A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending on how the value wa...
CVE-2026-4104 SQLi in Akmer Informatics' TeknoPass
Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: from 20210501 through 20260429...
CVE-2026-4104
Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: from 20210501 through 20260429...
EUVD-2026-34243
Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: from 20210501 through 20260429...
PT-2026-49156
Summary CSV formula injection also known as formula injection or CSV injection affects customer export. User-controlled values customer names, email addresses, and shipping addresses. When an administrator opens a crafted Export in Microsoft Excel or LibreOffice Calc, formulas embedded in user da...
PT-2026-46193
Name of the Vulnerable Software and Affected Versions TeknoPass versions 20210501 through 20260429 Description An authorization bypass exists due to a user-controlled SQL primary key issue, which allows for SQL Injection. SQL Injection is a technique where an attacker inserts malicious SQL code...
CVE-2025-14772
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...
CVE-2025-14772 Broken Access Control in ABB T-MAC Plus web application
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...
CVE-2025-14772 Broken Access Control in ABB T-MAC Plus web application
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...
CVE-2025-14772
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...
EUVD-2025-210051
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...
CVE-2025-14772
CVE-2025-14772 concerns ABB T-MAC Plus, affected version 4.0-24. The issue is described as an authorization bypass via a User-Controlled key, indicating a broken access control vulnerability in the web application. Connected documents (NVD and CVE records) corroborate the same title and descripti...
PT-2026-45908
Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...