CVE-2026-49288

Statamic CMS patch for CVE-2026-49288 fixes a missing authorization on Control Panel fieldtype endpoints that allowed an authenticated CP user to view restricted metadata and content (entries, assets, users, roles, groups, etc.). The issue could disclose titles, custom field values, entry content...

CVE-2026-49291

mcp-memory-service (semantic memory layer for AI apps) exposed the HTTP MCP JSON-RPC endpoint at /mcp such that OAuth read scope allowed mutating actions. Before patch 10.65.3, a read-only OAuth client could invoke tools/call to reach store_memory and delete_memory, bypassing REST write scope che...

CVE-2023-54357

CVE-2023-54357 affects Joomla com_booking 2.4.9. The vulnerability is an information disclosure in the getUserData function of the customer controller, permitting unauthenticated attackers to enumerate user accounts by brute-forcing the id parameter via requests like index.php?option=com_booking&...

CVE-2019-25762

CVE-2019-25762 affects Joomla! component JoomProject 1.1.3.2. The vulnerability is an information disclosure via the projects endpoint, where unauthenticated attackers can query index.php with option=com_jpprojects&view=projects&tmpl=component&format=json to retrieve user IDs, names, and email ad...

CVE-2019-25761

The CVE-2019-25761 entry concerns Joomla! component JoomCRM 1.1.1, where an SQL injection vulnerability exists in the deal_id parameter. authenticated attackers can craft GET requests to index.php?option=com_joomcrm&view=contacts to inject SQL and read sensitive data, including table names and sc...

CVE-2019-25760

CVE-2019-25760 describes a Local File Inclusion in Joomla! Easy Shop 1.2.3. An unauthenticated attacker can read arbitrary server files by supplying a base64-encoded file path via the file parameter in a GET request to index.php with option=com_easyshop and task=ajax.loadImage. Affected files inc...

CVE-2019-25759

The CVE-2019-25759 entry describes an SQL injection in Joomla! component vbizz 1.0.7 where an authenticated attacker can craft the payid parameter to execute arbitrary SQL via POST to the employee management interface, potentially exposing database version and names. The provided sources confirm ...

CVE-2026-49287

Statamic CMS (Laravel/Git) had an incomplete fix for CVE-2026-41175; in-memory collection sorting was not protected. CVE-2026-49287 notes that prior to 5.73.23 and 6.20.0, the patch covered the query builder but not in-memory sorting. This could allow a front-end template that passes request inpu...

CVE-2019-25758

CVE-2019-25758 affects Joomla! component vBizz 1.0.7. The vulnerability is an unrestricted file upload in the profile_pic parameter, enabling authenticated attackers to upload arbitrary PHP files. By submitting malicious files via POST to the employee view endpoint, attackers can place PHP code i...

CVE-2019-25757

CVE-2019-25757 affects Joomla vWishlist 1.0.1. The vulnerability is an SQL injection in the vproductid and userid parameters that authenticated attackers can exploit by sending crafted POST requests to the component, enabling extraction of sensitive database information (e.g., version and databas...

CVE-2026-49290

Slopsmith (CVE-2026-49290) contains a path-traversal vulnerability in archive extractors prior to version 0.2.9-alpha.5 that allows writing arbitrary files outside the extraction directory by crafted PSARC or sloppak archives. The issue affects three extractors: lib/psarc.py::unpack_psarc (PSARC ...

CVE-2019-25756

CVE-2019-25756 affects Joomla! Component vAccount 2.0.2. The vulnerability is an SQL injection in the vaccount-dashboard/expense endpoint, where an unauthenticated attacker can inject payloads via the vid parameter to perform arbitrary SQL queries and exfiltrate sensitive data such as database ve...

CVE-2019-25755

CVE-2019-25755 details: Joomla Component vReview 1.9.11 has an SQL injection in the editReview task via the cmId parameter. Unauthenticated attackers can send POST requests with URL-encoded SQL UNION payloads to extract database data (usernames, passwords, versions). Impact per sources is high (C...

CVE-2019-25754

Joomla Component vRestaurant 1.9.4 contains an SQL injection in the menu-listing-layout endpoint. An unauthenticated attacker can send crafted POST requests with SQL payloads in the keysearch parameter to extract database table names and sensitive information. The vulnerability arises from improp...

CVE-2019-25753

The CVE-2019-25753 entry concerns Joomla! Component VMap 1.9.6, where an SQL injection vulnerability exists in the latlngbound parameter. An unauthenticated attacker can craft GET requests to index.php with options com_vmap&task=loadmarker containing SQL payloads to manipulate database queries an...

CVE-2026-49271

CVE-2026-49271 affects libheif prior to 1.22.1. The uncompressed HEIF decoder validates icef compressed-unit offsets with unit_offset + unit_size, which can wrap and allow constructing iterators outside the compressed item buffer, causing an out-of-bounds heap read and crash. This vulnerability i...

CVE-2019-25752

CVE-2019-25752 affects the Joomla! extension J-BusinessDirectory 4.9.7 . The vulnerability is an SQL injection in the parameter screen path: attackers can inject UNION-based SQL via the type parameter when calling index.php with option=com_jbusinessdirectory&task=categories.getCategories, enablin...

CVE-2019-25751

CVE-2019-25751 affects Joomla’s J-ClassifiedsManager component, version 3.0.5. The vulnerability is an SQL injection in the displayads flow that does not require authentication. An attacker can inject malicious SQL through POST parameters, specifically categorySearch, adType, and citySearch, to e...

CVE-2019-25750

CVE-2019-25750 affects Joomla component J-MultipleHotelReservation version 6.0.7. The vulnerability is an SQL injection in the hotel_id parameter that allows unauthenticated attackers to execute arbitrary SQL queries by sending crafted payloads to the search-hotels endpoint (POST) using UNION SEL...

CVE-2026-49359

PhpWeasyPrint (pontedilana/php-weasyprint) prior to version 2.6.0 is vulnerable: the attachment option for Pdf can accept any value that passes filter_var(url), including http, https, ftp, file, and PHP streams like php://. The library fetches these values server-side via file_get_contents, allow...

CVE-2019-25749

Joomla J-CruisePortal 6.0.4 has an SQL injection in the cruises endpoint: authenticated attackers can send crafted SQL payloads via the guest_adult parameter in POST requests to read or modify database data. The CVSS indicates HIGH risk (7.1) with NETWORK, LOW exploit complexity, and LOW privileg...

CVE-2026-49286

CVE-2026-49286 - PhpWeasyPrint : The library (prior to 2.6.0) guards the output filename against the phar:// stream wrapper with a case-sensitive blacklist. Because PHP stream wrappers are case-insensitive, inputs like PHAR://, Phar:// bypass the check and reach fileExists() in prepareOutput(), a...

CVE-2019-25748

CVE-2019-25748 affects Joomla JHotelReservation 6.0.7. The issue is an SQL injection in the rooms parameter of the search-hotels endpoint, allowing unauthenticated attackers to send crafted SQL payloads via POST requests to extract sensitive data (e.g., database version details). Documented CVSS:...

CVE-2026-49260

CVE-2026-49260 affects PhpWeasyPrint prior to 2.5.1. The vulnerability arises from building the WeasyPrint command by passing the binary path through escapeshellarg() and then validating the quoted result with is_executable(); on POSIX systems this makes the bin path string contain quotes, causin...

CVE-2017-20282

CVE-2017-20282 concerns the Joomla! Component jCart for OpenCart 2.0, where an SQL injection vulnerability exists in the product_id parameter. The flaw lets unauthenticated attackers supply crafted values via GET requests to index.php with the query string option=com_jcart&route=product/product a...

CVE-2017-20281

Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability in the establename parameter (index.php?option=com_extrasearch). The issue allows unauthenticated attackers to manipulate database queries and extract sensitive information. Evidence in CVE records and AttackerKB confirm...

CVE-2017-20280

影

CVE-2017-20279

Joomla Payage 2.05 is affected by an SQL injection in the aid parameter used in the make_payment task (unauthenticated access). The vulnerability allows manipulation of database queries, enabling extraction of sensitive data via boolean-based blind or time-based blind techniques. This is supporte...

CVE-2017-20278

CVE-2017-20278 : Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability exploitable via the category parameter in the all-recipes endpoint. Attacks can be performed by unauthenticated users to manipulate queries and extract sensitive database information. The connected document...

CVE-2017-20277

The CVE-2017-20277 entry concerns Joomla JoomRecipe 1.0.4. The connected Attackerkb entry confirms a bona fide vulnerability: a blind SQL injection in the search_author parameter on the search results page. Exploitation is described as sending POST requests to the search endpoint to perform boole...

CVE-2017-20276

Vulnerability: CVE-2017-20276 in Joomla! component SIMGenealogy 2.1.5. Impactful flaw: SQL injection via the type parameter in index.php when option=com_simgenealogy and view=latest are used; unauthenticated attackers can manipulate database queries and potentially exfiltrate data. Affected compo...

CVE-2017-20275

CVE-2017-20275 affects Joomla! Component PHP-Bridge 1.2.3. The vulnerability is an SQL injection in the id parameter of index.php when using option=com_phpbridge&view=phpview, allowing unauthenticated attackers to execute arbitrary SQL and extract database metadata (e.g., table and column names)....

CVE-2017-20274

CVE-2017-20274 affects Joomla LMS King Professional 3.2.4.0. It enables unauthenticated SQL injection via the cp_id parameter in index.php when using option=com_lmsking, view=lmsking, layout=learningpath, and task=learningPath, allowing manipulation of queries and extraction of sensitive database...

CVE-2026-56211

CVE-2026-56211 concerns libaom, the reference AV1 codec. The vulnerability stems from insufficient bounds validation in the AV1 encoder’s SVC layer ID control, enabling an attacker-provided frame to overlap internal encoder layer context structures. In fork-based video processing services, this c...

CVE-2026-56210

CVE-2026-56210 (libaom) : A heap-buffer-overflow in the SVC layer ID control function allows a spatial_layer_id exceeding the configured number of layers, causing an out-of-bounds read (~40,728 bytes) during layer context index computation. This can enable information disclosure or denial of serv...

CVE-2026-56208

CVE-2026-56208 affects libaom, the reference AV1 codec. A flaw in the encoder’s Look-Ahead Processing (LAP) mode bypasses the first-pass stats ring-buffer guard when g_lag_in_frames is 1 or more, causing a 232-byte out-of-bounds write on every frame after the second. This can corrupt heap objects...

CVE-2026-56209

CVE-2026-56209 concerns libaom’s SVC layer: a missing bounds check in the SVC layer ID control function lets an attacker inject an arbitrary pointer into the cyclic refresh map when processing frames, enabling an encoder to write about 1,200 bytes to attacker-controlled memory. This vulnerability...

CVE-2017-20273

CVE-2017-20273 affects Joomla Event Registration Pro Calendar 4.1.3. The connected docs confirm an SQL injection vulnerability in index.php where the id parameter (via option=com_registrationpro&view=category&id) can be exploited unauthenticated to execute arbitrary SQL and extract sensitive data...

CVE-2017-20272

CVE-2017-20272 affects Joomla Ultimate Property Listing 1.0.2. The vulnerability is an SQL injection in the sf_selectuser_id parameter that can be exploited by unauthenticated users via GET requests to index.php with option=com_upl and view=propertylisting. This allows extraction of sensitive DB ...

CVE-2026-3195

CVE-2026-3195 : In QEMU’s virtio-snd, the heap buffer overflow occurs in the input callback (virtio_snd_pcm_in_cb) due to an incomplete bounds/iov check. The Attackerkb entry reiterates that the function does not verify whether the iov can fit the data buffer, enabling a heap out-of-bounds write....

CVE-2026-3196

CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...

CVE-2017-20271

Joomla StreetGuessr Game 1.1.8 is affected by an SQL injection via the catid parameter in index.php when using option=com_streetguess&view=maps. The vulnerability allows unauthenticated attackers to execute arbitrary SQL queries and exfiltrate data such as database version and names. Reported CVS...

CVE-2017-20270

CVE-2017-20270 affects the Joomla! Twitch Tv component 1.1, with an SQL injection vulnerability in the GET parameters username and id via index.php (option=com_twitchtv and view) that allows unauthenticated attackers to execute arbitrary SQL and extract sensitive data (credentials, configuration)...

CVE-2017-20269

Summary: CVE-2017-20269 affects Joomla! KissGallery 1.0.0 and is a SQL injection via the component URL path. Vulnerability details: Unauthenticated attackers can inject SQL code through the kissgallery endpoint to execute arbitrary database queries and potentially access sensitive data. The provi...

CVE-2017-20268

The CVE covers Joomla! component Zap Calendar Lite 4.3.4, where an SQL injection via the eid parameter allows unauthenticated attackers to execute arbitrary SQL queries. Attack vectors include sending crafted GET requests to the RSVP endpoint to extract sensitive information, such as database nam...

CVE-2017-20267

CVE-2017-20267 affects Joomla! Calendar Planner 1.0.1. The vulnerability is an SQL injection in the category_id parameter used when viewing events, allowing unauthenticated attackers to inject SQL via GET requests to the events view and potentially extract sensitive database information. Affected...

CVE-2017-20266

CVE-2017-20266 affects Joomla SP Movie Database 1.3. The issue is an SQL injection in the searchword parameter of the searchresults view, enabling unauthenticated attackers to execute arbitrary SQL queries and extract sensitive database information via crafted GET requests. No remediation or expl...

CVE-2017-20265

CVE-2017-20265 affects the Joomla! extension Flip Wall (version 8.0). The vulnerability is an SQL injection in the wallid parameter, exploitable via GET requests to index.php with option=com_flipwall&task=click&wallid, allowing unauthenticated attackers to execute arbitrary SQL and potentially ex...

CVE-2026-12620

The CVE affects GridTime 3000 GNSS Time Server versions 1.0r0.03 through 1.1r0.0, where an access token is leaked in the URL parameters of certain endpoints. The issue is documented by NVD/CVE entries for CVE-2026-12620, with an attack surface described as NETWORK, requiring HIGH privileges and A...

CVE-2017-20264

Summary: CVE-2017-20264 affects Joomla! Component Sponsor Wall 8.0. An SQL injection vulnerability exists in the wallid parameter via GET requests to index.php with option=com_sponsorwall&task=click&wallid, allowing unauthenticated attackers to execute arbitrary SQL and potentially exfiltrate cre...