CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-28673 xiaoheiFS is a self-hosted financial and operational system for cloud service businesses. In versions up to and including 0.3.15, the standard plugin system allows admins to upload a ZIP file containi... | 7.2 | HIGH | - | 0 |
| CVE-2026-22179 OpenClaw versions prior to 2026.2.22 in macOS node-host system.run contain an allowlist bypass vulnerability that allows remote attackers to execute non-allowlisted commands by exploiting improper par... | 7.2 | HIGH | - | 0 |
| CVE-2026-32414 Improper Control of Generation of Code ('Code Injection') vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Remote Code Inclusion. This issue affects Advanced Woo Labels: from n/a t... | 7.2 | HIGH | - | 0 |
| CVE-2026-32401 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local F... | 7.2 | HIGH | - | 0 |
| CVE-2026-33881 Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolated into JavaScript string literals withou... | 7.2 | HIGH | - | 0 |
| CVE-2026-32264 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, there is a Behavior injection RCE vulnerability in ... | 7.2 | HIGH | - | 0 |
| CVE-2026-32263 Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.11, in src/controllers/EntryTypesController.php, the $settings array from parse_str is passed directly to Craft... | 7.2 | HIGH | - | 0 |
| CVE-2026-3090 The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘event_type’... | 7.2 | HIGH | - | 0 |
| CVE-2026-35035 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.2.0, the application fails to properly sanit... | 7.2 | HIGH | - | 0 |
| CVE-2026-27043 Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal. This issue affects Photography: from n/a before 7.7.6. | 7.2 | HIGH | - | 0 |
| CVE-2026-25932 GLPI is a Free Asset and IT Management Software package. From 0.60 to before 10.0.24, an authenticated technician user can store an XSS payload in a supplier fields. This vulnerability is fixed in 10.... | 7.2 | HIGH | - | 0 |
| CVE-2026-39343 ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in the EditEventTypes.php file, which is only accessible to administrators. The EN_tyid POST ... | 7.2 | HIGH | - | 0 |
| CVE-2026-1238 The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fh' (fingerprint) parameter in all versions up to, and including, 5.3.5 due to insufficient input sani... | 7.2 | HIGH | - | 0 |
| CVE-2026-33504 Ory Hydra is an OAuth 2.0 Server and OpenID Connect Provider. Prior to version 26.2.0, the listOAuth2Clients, listOAuth2ConsentSessions, and listTrustedOAuth2JwtGrantIssuers Admin APIs in Ory Hydra ar... | 7.2 | HIGH | - | 0 |
| CVE-2026-33133 WeGIA is a web manager for charitable institutions. In versions 3.6.5 and 3.6.6, the loadBackupDB() function imports SQL files from uploaded backup archives without any content validation. An attacker... | 7.2 | HIGH | - | 0 |
| CVE-2026-4808 The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the moveUploadedFile() function in all versions up to, and inc... | 7.2 | HIGH | - | 0 |
| CVE-2026-39325 ChurchCRM is an open-source church management system. Prior to 7.1.0, an SQL injection vulnerability was found in the endpoint /SettingsUser.php in ChurchCRM 7.0.5. Authenticated administrative users ... | 7.2 | HIGH | - | 0 |
| CVE-2026-35581 Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the Executrix utility class constructed shell commands by concatenating configuration-derived values – including the PLACE_NAME pa... | 7.2 | HIGH | - | 0 |
| CVE-2026-23759 Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command doe... | 7.2 | HIGH | - | 0 |
| CVE-2026-4172 A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /ping_response.cgi of the component HTTP POST Request Handler. The manipulation of the argument p... | 7.2 | HIGH | - | 0 |
| CVE-2026-1343 IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Acces... | 7.2 | HIGH | - | 0 |
| CVE-2026-29047 GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is ... | 7.2 | HIGH | - | 0 |
| CVE-2026-22666 Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution vulnerability in the dol_eval_standard() function that fails to apply forbidden string checks in whitelist mode... | 7.2 | HIGH | - | 0 |
| CVE-2026-35037 Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, the GET /api/website/title endpoint accepts an arbitrary URL via the website_url query parameter and ... | 7.2 | HIGH | - | 0 |
| CVE-2026-35476 InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authenticated user can elevate their account to a staff level via a POST request against their user accou... | 7.2 | HIGH | - | 0 |
| CVE-2016-20032 ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the '... | 7.2 | HIGH | - | 0 |
| CVE-2015-20118 Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability in the location_name parameter of the admin locations interface. Attackers can submit POST requests to the l... | 7.2 | HIGH | - | 0 |
| CVE-2015-20115 Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools.php. Attackers can upload f... | 7.2 | HIGH | - | 0 |
| CVE-2026-22317 A command injection vulnerability in the device's Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution ... | 7.2 | HIGH | - | 0 |
| CVE-2026-3873 Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0. | 7.2 | HIGH | - | 0 |
| CVE-2026-34607 Emlog is an open source website building system. In versions 2.6.2 and prior, a path traversal vulnerability exists in the emUnZip() function (include/lib/common.php:793). When extracting ZIP archives... | 7.2 | HIGH | - | 0 |
| CVE-2026-5425 The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' parameter keys in all versions up to, and including, 1.7.9 due to insufficient i... | 7.2 | HIGH | - | 0 |
| CVE-2026-2936 The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page_title' parameter in all versions up to, and including, 8.4 due to insufficient ... | 7.2 | HIGH | - | 0 |
| CVE-2026-34217 SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interp... | 7.2 | HIGH | - | 0 |
| CVE-2018-25250 MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. ... | 7.2 | HIGH | - | 0 |
| CVE-2026-23898 Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. | 7.2 | HIGH | - | 0 |
| CVE-2026-33613 Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. ... | 7.2 | HIGH | - | 0 |
| CVE-2026-27885 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability was discovered in Piwigo affecting the Activity List API endpoint. This vulnerabi... | 7.2 | HIGH | - | 0 |
| CVE-2026-4267 The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$_SERVER['REQUEST_URI']’ parameter in all versions up to, and ... | 7.2 | HIGH | - | 0 |
| CVE-2026-1540 The Spam Protect for Contact Form 7 WordPress plugin before 1.2.10 allows logging to a PHP file, which could allow an attacker with editor access to achieve Remote Code Execution by using a crafted he... | 7.2 | HIGH | - | 0 |
| CVE-2026-33725 Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on ... | 7.2 | HIGH | - | 0 |
| CVE-2026-35536 In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters. | 7.2 | HIGH | - | 0 |
| CVE-2025-15519 Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An ... | 7.2 | HIGH | - | 0 |
| CVE-2025-12886 The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.8 via the laborator_calc_route AJAX action. This makes it possible for unaut... | 7.2 | HIGH | - | 0 |
| CVE-2026-35056 XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated, but malicious, admin users. An attacker with admin panel access can execute arbitrary code on the server. | 7.2 | HIGH | - | 0 |
| CVE-2026-29782 OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint ($skip_permis... | 7.2 | HIGH | - | 0 |
| CVE-2026-30940 baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file management API (/baser/api/admin/bc-theme-file/theme_files/add.json) that a... | 7.2 | HIGH | - | 0 |
| CVE-2026-0686 The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 in the 'MF2::parse_authorpage' function via the 'Receiver::post' function. ... | 7.2 | HIGH | - | 0 |
| CVE-2026-23269 In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes into... | 7.1 | HIGH | - | 0 |
| CVE-2026-34472 Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2_TE and V6.0.10P3N3_TE allows unauthenticated attackers on the local network to retrieve sensitive credentials ... | 7.1 | HIGH | - | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.