2841197 matches found
IServ Schoolserver User Enumeration
IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...
CVE-2026-13520
The CVE describes a SQL injection in itsourcecode Hospital Management System v1.0, affecting the file /appointmentapproval.php (component: Appointment Handler). The vulnerability is triggered by manipulating the editid parameter, enabling remote exploitation. Exploit evidence is indicated as publ...
EUVD-2026-40006
A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.uploadfile/FileHandler.removefile of the file src/ragapp/backend/controllers/files.py of the component Knowledge File Handler. Such manipulation leads to path traversal. The attack can be executed remotely...
EUVD-2026-40010
A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack...
EUVD-2026-40011
A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...
EUVD-2026-40012
A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclos...
EUVD-2026-40013
A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...
EUVD-2026-40009
A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::statekey of the file src/query/service/src/servers/http/v1/session/clientsessionmanager.rs of the component Tenant Handler. The manipulation leads to authorization bypass. It is...
EUVD-2026-40004
A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function strtouint64 of the file openviking/storage/vectordb/utils/strtouint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verificatio...
CVE-2026-13513
Summary: CVE-2026-13513 affects MyScale MyScaleDB up to 1.8.0, impacting SegmentId::getCacheKey in src/VectorIndex/Common/SegmentId.h. The issue is described as insufficient verification of data authenticity and can be exploited remotely with high attack complexity; exploit maturity is labeled as...
CVE-2026-13511
CVE-2026-13511 affects VoltAgent up to 2.1.17, specifically the Memory REST API’s memory.handlers.ts function handleGetMemoryConversation. The issue arises from manipulating the argument conversationId, leading to improper authorization. Exploitation is described as possible from remote, with hig...
CVE-2026-13510
CVE-2026-13510 affects SimStudioAI sim up to 0.6.92. The vulnerability lies in the Password Protection Handler, specifically the file: apps/sim/lib/core/security/deployment.ts, where a manipulation leads to use of a weak hash. This can be exploited remotely with high attack complexity, and the ex...
CVE-2026-13507
Summary (CVE-2026-13507) Volcengine OpenViking up to 0.3.21 is affected in the Local VectorDB Primary-key Label Handler, specifically the str_to_uint64 function in openviking/storage/vectordb/utils/str_to_uint64.py. The issue arises from manipulating the argument ID, causing insufficient verifica...
EUVD-2026-40001
A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...
WordPress JobWP Plugin <= 2.3.9 - SQL Injection
The JobWP - Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwpuploadresume' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparati...
Magento 2 Amasty Order Attributes < 4.0.0 - Unauthenticated Arbitrary File Upload
Amasty Order Attributes for Magento 2 4.0.0 contains an unrestricted file upload vulnerability caused by lack of authentication and validation in the upload endpoint, letting unauthenticated attackers upload arbitrary files including PHP, enabling remote code execution or malware hosting. id:...
Gogs < 0.14.3 - Unauthenticated Organization Teams Disclosure
Gogs before version 0.14.3 contains an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint returns all teams for any organization without requiring authentication. The route group lacks the reqToken middleware, exposing team IDs, names, descriptions,...
OpenCATS - Command Injection
OpenCATS prior to commit 3002a29 contains a command injection caused by injection of PHP statements into the installer AJAX endpoint's databaseConnectivity action parameter, letting unauthenticated attackers execute arbitrary code, exploit requires incomplete installation wizard. id: CVE-2026-277...
WordPress Burst Statistics 3.4.0-3.4.1.1 - Authentication Bypass
Burst Statistics – Privacy-Friendly WordPress Analytics plugin 3.4.0 to 3.4.1.1 contains an authentication bypass caused by incorrect return-value handling in ismainwpauthenticated function, letting unauthenticated attackers impersonate administrators, exploit requires knowledge of an administrat...
Frappe Framework < 16.15.0 - Arbitrary File Read via render_include Path Traversal
Frappe is a full-stack web application framework. Versions prior to 15.105.0 and 16.15.0 contain a possible Arbitrary File Read vulnerability via Path Traversal. The issue is resolved in versions 16.15.0, 15.105.0 and above. id: CVE-2026-39352 info: name: Frappe Framework 16.15.0 - Arbitrary File...