Export limit exceeded: 339713 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339713 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339713 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4585 | 2026-03-23 | 9.8 Critical | ||
| A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4590 | 2026-03-23 | 3.1 Low | ||
| A security flaw has been discovered in kalcaddle kodbox 1.64. The impacted element is an unknown function of the file /workspace/source-code/plugins/oauth/controller/bind/index.class.php of the component loginSubmit API. Performing a manipulation of the argument third results in cross-site request forgery. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is regarded as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2019-25556 | 1 Pixarra | 1 Twistedbrush Pro Studio | 2026-03-23 | 6.2 Medium |
| TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a malicious string into the New Width or New Height field to trigger a buffer overflow that causes the application to crash. | ||||
| CVE-2026-4302 | 2 Wordpress, Wpxpo | 2 Wordpress, Wowoptin: Next-gen Popup Maker – Create Stunning Popups And Optins For Lead Generation | 2026-03-23 | 7.2 High |
| The WowOptin: Next-Gen Popup Maker plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.4.29. This is due to the plugin exposing a publicly accessible REST API endpoint (optn/v1/integration-action) with a permission_callback of __return_true that passes user-supplied URLs directly to wp_remote_get() and wp_remote_post() in the Webhook::add_subscriber() method without any URL validation or restriction. The plugin does not use wp_safe_remote_get/post which provide built-in SSRF protection. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services. | ||||
| CVE-2019-25562 | 1 Jetaudio | 2 Convert Video Jetaudio, Jetaudio | 2026-03-23 | 5.5 Medium |
| jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to crash the application by supplying an oversized string in the File Naming field. Attackers can paste a malicious buffer of 512 bytes into the File Naming parameter and trigger the crash by clicking the Preview button, causing a denial of service. | ||||
| CVE-2026-3333 | 2 Minhnhut, Wordpress | 2 Minhnhut Link Gateway, Wordpress | 2026-03-23 | 6.4 Medium |
| The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linkgate' shortcode in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2019-25568 | 1 Memuplay | 1 Memu Play | 2026-03-23 | 9.8 Critical |
| Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with system-level privileges when the service restarts after a computer reboot. | ||||
| CVE-2026-1647 | 2 Basiliskan, Wordpress | 2 Comment Genius, Wordpress | 2026-03-23 | 6.1 Medium |
| The Comment Genius plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2019-25574 | 1 Greencms | 1 Greencms | 2026-03-23 | 6.5 Medium |
| Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files and directories by injecting directory traversal sequences. Attackers can manipulate the theme_name parameter in the themeexporthandle action or supply base64-encoded file paths to the downfile action to retrieve sensitive files outside intended directories. | ||||
| CVE-2024-33065 | 1 Qualcomm | 91 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 88 more | 2026-03-23 | 8.4 High |
| Memory corruption while taking snapshot when an offset variable is set by camera driver. | ||||
| CVE-2008-6027 | 1 Iss-oberlausitz | 1 Bluepage Cms | 2026-03-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) whl, (2) var_1, and (3) search parameters. | ||||
| CVE-2026-3460 | 2 Wordpress, Xjb | 2 Wordpress, Rest Api To Miniprogram | 2026-03-23 | 5.3 Medium |
| The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback (update_user_wechatshop_info_permissions_check) only validating that the supplied 'openid' parameter corresponds to an existing WordPress user, while the callback function (update_user_wechatshop_info) uses a separate, attacker-controlled 'userid' parameter to determine which user's metadata gets modified, with no verification that the 'openid' and 'userid' belong to the same user. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify arbitrary users' store-related metadata (storeinfo, storeappid, storename) via the 'userid' REST API parameter. | ||||
| CVE-2008-6039 | 1 Iss-oberlausitz | 1 Bluepage Cms | 2026-03-23 | N/A |
| Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2026-1247 | 2 Seosbg, Wordpress | 2 Survey, Wordpress | 2026-03-23 | 4.4 Medium |
| The Survey plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | ||||
| CVE-2019-25580 | 1 Owndms | 1 Owndms | 2026-03-23 | 8.2 High |
| ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the IMG parameter to extract sensitive database information including version and database names. | ||||
| CVE-2007-2976 | 1 Opentext | 2 Firstclass, Server And Internet Services | 2026-03-23 | N/A |
| Centrinity FirstClass 8.3 and earlier, and Server and Internet Services 8.0 and earlier, do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS) attacks. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2026-2290 | 2 Jurajsim, Wordpress | 2 Post Affiliate Pro, Wordpress | 2026-03-23 | 6.5 Medium |
| The Post Affiliate Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.28.0. This makes it possible for authenticated attackers, with Administrator-level access, to make web requests to initiate arbitrary outbound requests from the application and read the returned response content. Successful exploitation was confirmed by receiving and observing response data from an external Collaborator endpoint. | ||||
| CVE-2024-10998 | 1 1000projects | 1 Bookstore Management System | 2026-03-23 | 7.3 High |
| A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/process_category_add.php. The manipulation of the argument cat leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-4529 | 1 D-link | 1 Dhp-1320 | 2026-03-23 | 8.8 High |
| A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-33493 | 2026-03-23 | 7.1 High | ||
| WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `objects/import.json.php` endpoint accepts a user-controlled `fileURI` POST parameter with only a regex check that the value ends in `.mp4`. Unlike `objects/listFiles.json.php`, which was hardened with a `realpath()` + directory prefix check to restrict paths to the `videos/` directory, `import.json.php` performs no directory restriction. This allows an authenticated user with upload permission to: (1) steal any other user's private video files by importing them into their own account, (2) read `.txt`/`.html`/`.htm` files adjacent to any `.mp4` file on the filesystem, and (3) delete `.mp4` and adjacent text files if writable by the web server process. Commit e110ff542acdd7e3b81bdd02b8402b9f6a61ad78 contains a patch. | ||||