CVE-2026-8708 Genzel breadcrumbs <= 1.2 - Cross-Site Request Forgery to Settings Update via Plugin Settings Page

The Genzel breadcrumbs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the optionspage function. This makes it possible for unauthenticated attackers to update the plugin's breadcru...

CVE-2026-22220

A lack of proper input validation in the HTTP processing path in TP-Link Archer BE230 v1.2 web modules may allow a crafted request to cause the device’s web service to become unresponsive, resulting in a denial of service condition. A network adjacent attacker with high privileges could cause the...

CVE-2026-0631

An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...

CVE-2026-22223 Command Injection Vulnerability on TP-Link Archer BE230 v1.2

An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...

SMBlog Remote Command Exucetion

Offical webpage : http://superbounou.phpnet.org/smartblog/ Version : v1.2 http://www.site.com/path/index.php?evilcode?&cmd=id http://www.site.com/?pg=evilcode?&cmd=id Patriotic Hackers irc.gigachat.net kurdhack Botan,B3g0k,Seyh,Nistiman...

exophpdesk_advisory.txt

=========================================================== ============================================================ Title: ExoPHPDesk Multiple Remote Vulnerabilities Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 15/11/2005 Severity: High. Remote Users...