CVE-2018-25416

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability in country.php via the country parameter. An unauthenticated attacker can send crafted GET requests to extract sensitive data from the database (usernames, database names, version details). CVSS data indicates high impact with network ac...

CVE-2018-25414

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability in actor.php that can be exploited by unauthenticated attackers via the actor parameter. The vulnerability is triggered by crafted SQL payloads in GET requests to actor.php, allowing extraction of sensitive database information such as u...

CVE-2018-25415

AiOPMSD Final 1.0.0 is affected by an SQL injection via the director parameter. An unauthenticated attacker can send crafted SQL payloads to director.php (GET) to extract sensitive data such as usernames, database names, and version details. CVSS metrics: v3.1 base score 8.2 (HIGH) with Network v...

CVE-2018-25413

AiOPMSD Final 1.0.0 is affected by an SQL injection in search.php via the q parameter, allowing unauthenticated attackers to execute arbitrary SQL and enumerate usernames, database names, and version details. The CVE entry includes CVSS scores (3.1: base 8.2 HIGH network/low integrity; 4.0: base ...

CVE-2018-25412

DeltaSql 1.8.2 is affected by an arbitrary file upload vulnerability reachable via docs_upload.php. The issue allows unauthenticated attackers to upload PHP files through crafted multipart form data and place them in the upload directory, enabling remote code execution on the server. The connecte...

CVE-2018-25411

CVE-2018-25411 affects MGB OpenSource Guestbook 0.7.0.2. The vulnerability is an SQL injection in the email.php endpoint vulnerable to crafted payloads via the id parameter, allowing unauthenticated attackers to execute arbitrary SQL and potentially enumerate database tables and columns. The issu...

CVE-2018-25410

SIM-PKH 2.4.1 contains an SQL injection in admin/media.php via the id parameter. In the affected flow, an authenticated attacker can craft GET requests with module=pengurus and act=editpengurus to inject SQL UNION statements, enabling extraction of database information (usernames, database names,...

CVE-2018-25409

SIM-PKH 2.4.1 contains an Arbitrary File Upload vulnerability. Authenticated users can upload PHP code via the fupload parameter to the aksi_pengurus.php endpoint (module=pengurus, act=update). Uploaded PHP files are stored in the foto directory and can be executed as web scripts, enabling potent...

CVE-2018-25408

The Open ISES Project 3.30A contains a path traversal vulnerability in the ajax/download.php endpoint that lets unauthenticated attackers download arbitrary files by supplying directory traversal sequences (e.g., ../) in the filename parameter. Affected component: ajax/download.php within The Ope...

CVE-2018-25406

CVE-2018-25406 affects the eNdonesia Portal 8.7, where multiple SQL injection vulnerabilities allow unauthenticated attackers to run arbitrary SQL queries via mod.php. The attacker can inject SQL through parameters artid, cid, did, contid, and aboutid across modules including publisher, diskusi, ...

CVE-2018-25407

CVE-2018-25407 affects eNdonesia Portal 8.7, where multiple SQL injection flaws in mod.php allow unauthenticated attackers to execute arbitrary SQL via parameters such as artid, cid, did, contid, and aboutid across the publisher, diskusi, galeri, content, and about modules. The issue can be used ...

CVE-2018-25405

The CVE-2018-25405 entry describes SQL injection vulnerabilities in eNdonesia Portal 8.7. Specifically, unauthenticated attackers can inject SQL through mod.php parameters artid, cid, did, contid, and aboutid to retrieve sensitive data (usernames, database names, version details). Metrics show CV...

CVE-2026-10120

TRENDnet TEW-432BRP 3.10B20 is affected by CVE-2026-10120. The vulnerability lies in function formSetFirewallRule within /goform/formSetFirewallRule, where manipulating the firewall_name argument causes a stack-based buffer overflow. The issue is exploitable remotely and the exploit is public. TR...

CVE-2026-10119

TRENDnet TEW-432BRP (firmware 3.10B20) contains a stack-based buffer overflow in the formSetMACFilter function within /goform/formSetMACFilter. The vulnerability arises from manipulation of the filter_name argument, enabling remote exploitation. Exploit appears publicly available. The vendor note...

CVE-2026-10117

The CVE concerns Open5GS up to 2.7.7. The issue affects the ogs_pool_id_calloc function in /lib/sbi/nghttp2-server.c. A manipulation can remotely trigger a denial of service. Public exploit availability is noted. Remediation guidance: apply the official patch/update to resolve the vulnerability (...

CVE-2026-46242

Summary (CVE-2026-46242) : The Linux kernel contains a fix for a UAF in eventpoll related to ep_remove. The bug arose when ep_remove_file() cleared file->f_ep under file->f_lock but continued using @file inside the critical section, allowing a concurrent path to reach freed memory via f_op-...

CVE-2026-10116

Technical details are not publicly available in the provided documents. Monitor for updates. The description notes a denial‑of‑service vulnerability in Open5GS (ogs_sbi_xact_add in ogs-timer.c).

CVE-2026-10115

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2026-10114

Open5GS up to 2.7.7 is affected by an out-of-bounds write in handle_scp_info (lib/sbi/nnrf-handler.c) within the Shared NF-profile Parser. The issue can be triggered remotely and is linked to a publicly disclosed exploit. Remediation guidance in the sources is to deploy an official patch; no addi...

CVE-2026-7459

The CVE concerns the Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress (

CVE-2026-7465

Summary (supported by provided documents): CVE-2026-7465 affects the WordPress plugin Spectra Gutenberg Blocks (ultimate-addons-for-gutenberg). In versions up to and including 2.19.25, an authenticated Contributor can influence post block attributes in uagb/* blocks, which are dynamically registe...

CVE-2026-9757

The GEO my WP WordPress plugin (prepare(). This enables unauthenticated attackers to append additional SQL to existing queries to extract data. Exploitation requires a public page hosting the Posts Locator shortcode ([gmw form="results" form_id=N]) and at least one published post with an associat...

CVE-2026-10113

Open5GS up to 2.7.7 is affected by a vulnerability in the Shared NF-profile Parser, specifically in lib/sbi/nnrf-handler.c. The issue allows remote denial of service via an unknown functionality manipulation. Public exploitation details are available, and a patch is recommended to remediate. Affe...

CVE-2026-10112

CVE-2026-10112: Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2026-10111

CVE-2026-10111 affects the sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0 Login Page. The vulnerability occurs when manipulating the argument email , which can lead to SQL injection . It is exploitable remotely and the exploit has been published. The issue was reported to the project early via an issue ...

CVE-2026-5071

The CVE-2026-5071 entry concerns the SocketCAN implementation (Zephyr context) where a user-provided buffer containing a socketcan_frame is validated only by a NET_ASSERT in zcan_sendto_ctx() and then dereferenced in socketcan_to_can_frame(). In production builds with assertions disabled, a users...

CVE-2026-10110

The CVE-2026-10110 affects code-projects’ Student Details Management System 1.0. The vulnerability resides in an unknown function of /index.php, where manipulation of the roll argument enables SQL injection. Exploitation is possible remotely and a public exploit reportedly exists. Metrics indicat...

CVE-2026-48840

Exim is affected: Exim 4.88 prior to 4.99.4 in certain PROXY configurations mishandles short payloads, causing disclosure of uninitialized stack memory to a client. The issue centers on the PROXY-protocol handling, enabling an information disclosure in configurations with SUPPORT_PROXY and host_p...

CVE-2026-47416

The connected GitHub advisory details a workspace‑privilege escalation in praisonai-platform. A member can exploit PATCH /workspaces/{workspace_id}/members/{user_id} to set their own role to a higher level (e.g., “owner”) because the route uses a default min_role of “member” in the dependency and...

CVE-2026-47409

CVE-2026-47409 is expanded by a connected advisory on praisonai-platform: the DELETE /workspaces/{workspace_id}/members/{user_id} endpoint lacks caller-permission checks and owner-protection, allowing a member to delete the workspace owner and lock them out. Root cause: MemberService.remove(...) ...

CVE-2026-47414

The connected advisory identifies a cross-workspace IDOR in praisonai-platform: label endpoints allow operations on labels and issue-label associations without validating workspace_id against the target workspace. Root cause: LabelService.get, update, delete, add_to_issue, remove_from_issue, and ...

CVE-2026-47406

Summary: The connected advisory for praisonai-platform reveals a cross-workspace IDOR in dependency endpoints. The routes POST /workspaces/{workspace_id}/issues/{issue_id}/dependencies, GET /workspaces/{workspace_id}/issues/{issue_id}/dependencies, and DELETE /workspaces/{workspace_id}/issues/{is...

CVE-2026-47410

The connected advisory for praisonai-platform (GHSA-3QG8-5G3R-79V5) discloses a concrete insecure default JWT secret flaw in auth_service.py. The code sets JWT_SECRET to the public default _DEFAULT_SECRET = "dev-secret-change-me" unless PLATFORM_JWT_SECRET is provided, and only raises in producti...

CVE-2026-47405

The connected advisory describes a privilege-escalation in PraisonAI Platform RBAC. A missing authorization check on workspace-management routes (patch/delete workspace, and member management endpoints) allows any authenticated workspace member (min_role default: member) to self-promote, grant ow...

CVE-2026-47399

Summary (CVE-2026-47399 context): PraisonAI Platform suffers a systemic object-level access control flaw where workspace membership is checked at the URL level, but the service layer resolves objects by global UUID without validating ownership. This allows an authenticated user from one workspace...

CVE-2026-47407

The connected GHSA advisory describes a cross-tenant IDOR and member-role escalation in PraisonAI Platform. The auth dependency only validates membership of the URL prefix workspace_id, while inner resource lookups (agents, issues, projects, labels, dependencies) are performed by primary key with...

CVE-2026-47408

The connected advisory describes an insecure direct object reference in praisonai-platform: the endpoint GET /workspaces/{workspace_id}/issues/{issue_id}/activity fails to verify the workspace-scoping before listing issue activity. The route list_issue_activity calls ActivityService.list_for_issu...

CVE-2026-48169

CVE-2026-48169 (connections: GHSA-GV23-XRM3-8C62) describes multiple security gaps in the PraisonAI Platform API. The core issue is cross-workspace access: route-layer workspace_id checks exist, but service-layer reads (get/update/delete) use global lookups not filtered by workspace, enabling cro...

CVE-2026-47397

CVE-2026-47397 has concrete details in the connected advisory: PraisonAI <= 4.6.37 contains an Arbitrary File Write in its Python API. The root cause is in code/tools/write_file.py where path validation is skipped when workspace=None (validation is bypassed because workspace is always None in ...

CVE-2026-47391

Summary of CVE-2026-47391 context (with connected evidence): The PraisonAI A2A first‑party example exposes an unauthenticated JSON‑RPC endpoint (/a2a) when bound to 0.0.0.0 and without an auth_token, and registers a calculate(expression) tool implemented via Python eval. An unauthenticated remote...

CVE-2026-47394

CVE-2026-47394 is a reserved candidate; connected advisories describe an unauthenticated read vulnerability in PraisonAI’s MCP server dispatch, where JSON arguments to handlers are invoked as kwargs without input validation. Concrete details in the GitHub advisory GHSA-9CR9-25Q5-8PRJ show that wo...

CVE-2026-47392

PRAISONA I AP to exploit sandbox escape via print.self leak in execute_code (subprocess mode) of the PraisonAI agents, enabling arbitrary OS command execution on the host. Root cause: multiple gaps in AST-based validation, including missing self in blocked attributes, unblocked builtins (vars), a...

CVE-2026-47395

PRAIS0NAI PraisonAI direct-prompt CLI vulnerability (CVE-2026-47395) arises from the MentionsParser URL handling (@url:...) which makes an unrestricted HTTP request to the attacker-controlled URL. The issue allows local SSRF/local content disclosure by fetching loopback or private-network resourc...

CVE-2026-47393

CVE-2026-47393 entry is linked to PraisonAI issues around CVE-2026-44338: PraisonAI 4.6.33 generates a Flask API server via the deploy --type api generator with authentication disabled by default. The vulnerable artifact is praisonai==4.6.33, whose defaults set auth_enabled to False and auth_toke...

CVE-2026-47396

The connected GHSA advisory details a concrete vulnerability in PraisonAI's call server: when CALL_SERVER_TOKEN is unset, authentication is disabled (verify_token() returns success), exposing sensitive agent-control endpoints on all interfaces. Affected: the router praisonai.api.agent_invoke (pat...

CVE-2026-47390

The connected GHSA advisory for PraisonAI spider_tools documents a SSRF protection bypass in spider_tools.py. The URL validator blocks only exact host strings (e.g., localhost, 127.0.0.1) and does not normalize or fully validate after DNS resolution, allowing alternate loopback representations (l...

CVE-2026-47398

CVE-2026-47398 has no description in the Initial document, but connected document GHSA-78R8-WWQV-R299 details a concrete RCE in PraisonAI: two unguarded spec.loader.exec_module call sites in praisonai/agents_generator.py (load_tools_from_module and load_tools_from_module_class) that execute modul...

CVE-2026-47233

CVE-2026-47233 (CVE entry reserved) is linked to a GitHub advisory for Admidio: an authenticated, non-admin user can delete inventory fields via mode=field_delete due to missing admin-right checks (only CSRF validation is performed). The vulnerability affects inventory_field deletion path: field_...

CVE-2026-47234

The connected GHSA advisory details a vulnerability in Admidio (v5.0.9) where debug logging writes raw cookie values for ADM...AUTO_LOGIN_ID and ADM...SESSION_ID via Set Cookie and Session Started logs. This exposes session tokens and auto-login credentials in logs, enabling potential credential ...

CVE-2026-47232

The connected advisory shows a concrete issue in Admidio v5.0.9: the sensitive export route in modules/sso/keys.php (case 'export') allows exporting a private key and certificate as a PKCS#12 bundle without CSRF protection. The code comments out the CSRF check, so an attacker-controlled page can ...