Recent
itsourcecode Society Management System edit_expenses.php sql injection
Published 2026-02-07 by VulDB
itsourcecode Society Management System delete_expenses.php sql injection
Published 2026-02-07 by VulDB
itsourcecode Society Management System edit_admin.php sql injection
Published 2026-02-07 by VulDB
WeKan < 8.20 Migration Functionality Insufficient Permission Checks
Published 2026-02-07 by VulnCheck
WeKan < 8.19 allowPrivateOnly Setting Enforcement Bypass
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Card Comment Author Spoofing via User-controlled authorId
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Cross-board Card Move Without Destination Authorization
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Read-only Board Roles Can Update Cards
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Checklist Deletion IDOR via Missing Relationship Validation
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Checklist Creation Cross-Board IDOR
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Attachments Publication Information Disclosure
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Attachment Upload Object Relationship Validation Bypass
Published 2026-02-07 by VulnCheck
WeKan < 8.19 LDAP Authentication Filter Injection
Published 2026-02-07 by VulnCheck
macrozheng mall <= 1.0.3 Unauthenticated Password Reset via OTP Disclosure
Published 2026-02-07 by VulnCheck
Tenda G300-F Command Injection via formSetWanDiag
Published 2026-02-07 by VulnCheck
Mapnik value.cpp operator divide by zero
Published 2026-02-07 by VulDB
yuan1994 tpadmin WebUploader preview.php deserialization
Published 2026-02-07 by VulDB
JeecgBoot Retrieval-Augmented Generation edit path traversal
Published 2026-02-07 by VulDB
Tasin1025 SwiftBuy login.php excessive authentication
Published 2026-02-07 by VulDB
jsbroks COCO Annotator Delete Category undo improper authorization
Published 2026-02-07 by VulDB
jsbroks COCO Annotator Endpoint long_task denial of service
Published 2026-02-07 by VulDB
yeqifu warehouse Log Info LoginfoController.java batchDeleteLoginfo improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse Notice Management NoticeController.java batchDeleteNotice improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse Department Management DeptController.java deleteDept improper authorization
Published 2026-02-07 by VulDB
SourceCodester Online Class Record System search.php sql injection
Published 2026-02-07 by VulDB
SourceCodester Online Class Record System controller.php sql injection
Published 2026-02-07 by VulDB
PHPGurukul Beauty Parlour Management System accepted-appointment.php sql injection
Published 2026-02-07 by VulDB
SourceCodester Online Class Record System login.php sql injection
Published 2026-02-07 by VulDB
UTT HiPER 810G Management formFireWall strcpy buffer overflow
Published 2026-02-07 by VulDB
D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection
Published 2026-02-07 by VulDB
D-Link DIR-823X set_language os command injection
Published 2026-02-07 by VulDB
code-projects Social Networking Site delete_post.php sql injection
Published 2026-02-07 by VulDB
D-Link DIR-823X set_mac_clone os command injection
Published 2026-02-07 by VulDB
D-Link DIR-823X set_password os command injection
Published 2026-02-07 by VulDB
UTT HiPER 810 formUser setSysAdm command injection
Published 2026-02-07 by VulDB
yeqifu warehouse Menu Management MenuController.java deleteMenu improper authorization
Published 2026-02-07 by VulDB
The Bucketlister <= 0.1.5 - Missing Authorization to Authenticated (Subscriber+) Bucket List Modification
Published 2026-02-07 by Wordfence
The Bucketlister <= 0.1.5 - Authenticated (Contributor+) SQL Injection via `category` and `id` Shortcode Attributes
Published 2026-02-07 by Wordfence
OMIGO <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Wonka Slide <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Wikiloops Track Player <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
TITLE ANIMATOR <= 1.0 - Cross-Site Request Forgery to Settings Update
Published 2026-02-07 by Wordfence
Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint
Published 2026-02-07 by Wordfence
Video Onclick <= 0.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Subitem AL Slider <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
Published 2026-02-07 by Wordfence
Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key
Published 2026-02-07 by Wordfence
MP-Ukagaka <= 1.5.2 - Reflected Cross-Site Scripting
Published 2026-02-07 by Wordfence
Simple Bible Verse via Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
yeqifu warehouse Permission Management PermissionController.java deletePermission improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse Role Management RoleController.java deleteRole improper authorization
Published 2026-02-07 by VulDB
Load more ↓