Recent
itsourcecode Society Management System edit_expenses.php sql injection
Published 2026-02-07 by VulDB
itsourcecode Society Management System delete_expenses.php sql injection
Published 2026-02-07 by VulDB
itsourcecode Society Management System edit_admin.php sql injection
Published 2026-02-07 by VulDB
WeKan < 8.20 Migration Functionality Insufficient Permission Checks
Published 2026-02-07 by VulnCheck
WeKan < 8.19 allowPrivateOnly Setting Enforcement Bypass
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Card Comment Author Spoofing via User-controlled authorId
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Cross-board Card Move Without Destination Authorization
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Read-only Board Roles Can Update Cards
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Checklist Deletion IDOR via Missing Relationship Validation
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Checklist Creation Cross-Board IDOR
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Attachments Publication Information Disclosure
Published 2026-02-07 by VulnCheck
WeKan < 8.19 Attachment Upload Object Relationship Validation Bypass
Published 2026-02-07 by VulnCheck
WeKan < 8.19 LDAP Authentication Filter Injection
Published 2026-02-07 by VulnCheck
macrozheng mall <= 1.0.3 Unauthenticated Password Reset via OTP Disclosure
Published 2026-02-07 by VulnCheck
Tenda G300-F Command Injection via formSetWanDiag
Published 2026-02-07 by VulnCheck
Mapnik value.cpp operator divide by zero
Published 2026-02-07 by VulDB
yuan1994 tpadmin WebUploader preview.php deserialization
Published 2026-02-07 by VulDB
JeecgBoot Retrieval-Augmented Generation edit path traversal
Published 2026-02-07 by VulDB
Tasin1025 SwiftBuy login.php excessive authentication
Published 2026-02-07 by VulDB
jsbroks COCO Annotator Delete Category undo improper authorization
Published 2026-02-07 by VulDB
jsbroks COCO Annotator Endpoint long_task denial of service
Published 2026-02-07 by VulDB
yeqifu warehouse Log Info LoginfoController.java batchDeleteLoginfo improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse Notice Management NoticeController.java batchDeleteNotice improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse Department Management DeptController.java deleteDept improper authorization
Published 2026-02-07 by VulDB
SourceCodester Online Class Record System search.php sql injection
Published 2026-02-07 by VulDB
SourceCodester Online Class Record System controller.php sql injection
Published 2026-02-07 by VulDB
PHPGurukul Beauty Parlour Management System accepted-appointment.php sql injection
Published 2026-02-07 by VulDB
SourceCodester Online Class Record System login.php sql injection
Published 2026-02-07 by VulDB
UTT HiPER 810G Management formFireWall strcpy buffer overflow
Published 2026-02-07 by VulDB
D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection
Published 2026-02-07 by VulDB
D-Link DIR-823X set_language os command injection
Published 2026-02-07 by VulDB
code-projects Social Networking Site delete_post.php sql injection
Published 2026-02-07 by VulDB
D-Link DIR-823X set_mac_clone os command injection
Published 2026-02-07 by VulDB
D-Link DIR-823X set_password os command injection
Published 2026-02-07 by VulDB
UTT HiPER 810 formUser setSysAdm command injection
Published 2026-02-07 by VulDB
yeqifu warehouse Menu Management MenuController.java deleteMenu improper authorization
Published 2026-02-07 by VulDB
The Bucketlister <= 0.1.5 - Missing Authorization to Authenticated (Subscriber+) Bucket List Modification
Published 2026-02-07 by Wordfence
The Bucketlister <= 0.1.5 - Authenticated (Contributor+) SQL Injection via `category` and `id` Shortcode Attributes
Published 2026-02-07 by Wordfence
OMIGO <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Wonka Slide <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Wikiloops Track Player <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
TITLE ANIMATOR <= 1.0 - Cross-Site Request Forgery to Settings Update
Published 2026-02-07 by Wordfence
Premmerce <= 1.3.20 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'premmerce_wizard_actions' AJAX Endpoint
Published 2026-02-07 by Wordfence
Video Onclick <= 0.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Subitem AL Slider <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']
Published 2026-02-07 by Wordfence
Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key
Published 2026-02-07 by Wordfence
MP-Ukagaka <= 1.5.2 - Reflected Cross-Site Scripting
Published 2026-02-07 by Wordfence
Simple Bible Verse via Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
yeqifu warehouse Permission Management PermissionController.java deletePermission improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse Role Management RoleController.java deleteRole improper authorization
Published 2026-02-07 by VulDB
yeqifu warehouse User Management Endpoint UserController.java deleteUser improper authorization
Published 2026-02-07 by VulDB
Post Slides <= 1.0.1 - Contributor+ Local File Inclusion
Published 2026-02-07 by WPScan
Bold Page Builder <= 5.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published 2026-02-07 by Wordfence
Bold Page Builder <= 5.5.3 - Authenticated (Author+) Stored DOM-based Cross-Site Scripting in Post Grid
Published 2026-02-07 by Wordfence
Bold Builder <= 5.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_tabs Shortcode
Published 2026-02-07 by Wordfence
Bold Page Builder <= 5.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_accordion_item Shortcode
Published 2026-02-07 by Wordfence
yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control
Published 2026-02-07 by VulDB
O2OA HTTP POST Request check xml external entity reference
Published 2026-02-07 by VulDB
itsourcecode School Management System index.php sql injection
Published 2026-02-07 by VulDB
HCL DevOps Velocity is susceptible to a Denial of Service vulnerability
Published 2026-02-07 by HCL
UTT 进取 520W formP2PLimitConfig strcpy buffer overflow
Published 2026-02-07 by VulDB
Wing FTP Server < 6.2.7 - Cross-site Request Forgery
Published 2026-02-06 by VulnCheck
TapinRadio 2.12.3 - 'username' Denial of Service
Published 2026-02-06 by VulnCheck
TapinRadio 2.12.3 - 'address' Denial of Service
Published 2026-02-06 by VulnCheck
AbsoluteTelnet 11.12 - 'SSH2/username' Denial of Service
Published 2026-02-06 by VulnCheck
AbsoluteTelnet 11.12 - "license name" Denial of Service
Published 2026-02-06 by VulnCheck
AbsoluteTelnet 11.12 - "license entry" Denial of Service
Published 2026-02-06 by VulnCheck
QuickDate 1.3.2 - SQL Injection
Published 2026-02-06 by VulnCheck
Wedding Slideshow Studio 1.36 - 'Key' Buffer Overflow
Published 2026-02-06 by VulnCheck
Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow
Published 2026-02-06 by VulnCheck
Load more ↓