Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\ma…
A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argu…
A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argumen…
A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid le…
A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email…
A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The ma…
A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub_419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulat…
A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/set_language. Executing a manipulation of the argument langSelection can lead to os comm…
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /delete_post.php. Performing a manipulation of the argument ID results in…
A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/set_mac_clone. Such manipulation of the argument mac leads to os command inje…
A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_password. This manipulation of the argument http_passwd causes os command…
A vulnerability has been found in UTT HiPER 810 1.7.4-141218. This issue affects the function setSysAdm of the file /goform/formUser. The manipulation of the argument passwd1 leads to command injecti…
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addMenu/updateMenu/deleteMenu of the file dataset\repos\warehouse\src…
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass…
The MP-Ukagaka plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes …
The Subitem AL Slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 1.0.0 due to insufficient inp…
The Wonka Slide plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `list_class` shortcode in all versions up to, and including, 1.3.3 due to insufficient input sanitiz…
The Wikiloops Track Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `wikiloops` shortcode in all versions up to, and including, 1.0.1 due to insufficient inp…
The Video Onclick plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `youtube` shortcode in all versions up to, and including, 0.4.7 due to insufficient input sanitiza…
The OMIGO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `omigo_donate_button` shortcode in all versions up to, and including, 3.3 due to insufficient input saniti…