CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | Description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|---|
| CVE-2026-3273 | A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component httpd. Such manipulation of th... | 8.8 | HIGH | – | 0 |
| CVE-2025-15100 | The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user met... | 8.8 | HIGH | – | 0 |
| CVE-2026-2139 | A vulnerability was determined in Tenda TX9 up to 22.03.02.10_multi. Affected by this vulnerability is the function sub_432580 of the file /goform/fast_setting_wifi_set. This manipulation of the argum... | 8.8 | HIGH | – | 0 |
| CVE-2026-1560 | The Custom Block Builder – Lazy Blocks plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.0 via multiple functions in the 'LazyBlocks_Blocks' class. ... | 8.8 | HIGH | – | 0 |
| CVE-2020-36942 | Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img... | 8.8 | HIGH | – | 0 |
| CVE-2026-22243 | EGroupware is a Web based groupware server written in PHP. A SQL Injection vulnerability exists in the core components of EGroupware prior to versions 23.1.20260113 and 26.0.20260113, specifically in ... | 8.8 | HIGH | – | 0 |
| CVE-2026-1139 | A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The manipulation leads to buffer overflow. It is possibl... | 8.8 | HIGH | – | 0 |
| CVE-2026-2140 | A vulnerability was identified in Tenda TX9 up to 22.03.02.10_multi. Affected by this issue is the function sub_4223E0 of the file /goform/setMacFilterCfg. Such manipulation of the argument deviceList... | 8.8 | HIGH | – | 0 |
| CVE-2026-25201 | An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1. | 8.8 | HIGH | – | 0 |
| CVE-2026-27390 | Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse. This issue af... | 8.8 | HIGH | – | 0 |
| CVE-2026-28210 | FreePBX is an open source IP PBX. Prior to versions 16.0.49 and 17.0.7, FreePBX module cdr (Call Data Record) is vulnerable to SQL query injection. This issue has been patched in versions 16.0.49 and ... | 8.8 | HIGH | – | 0 |
| CVE-2026-3807 | A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_s... | 8.8 | HIGH | – | 0 |
| CVE-2026-26794 | GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the add_group() function. This vulnerability allows attackers to execute arbitrary SQL database operations via a... | 8.8 | HIGH | – | 0 |
| CVE-2026-2070 | A vulnerability has been found in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/formPolicyRouteConf. Such manipulation of the argument GroupName leads to bu... | 8.8 | HIGH | – | 0 |
| CVE-2025-41726 | A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then... | 8.8 | HIGH | – | 0 |
| CVE-2025-67619 | Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection. This issue affects Kids Heaven: from n/a through <= 3.2. | 8.8 | HIGH | – | 0 |
| CVE-2020-36938 | WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access contr... | 8.8 | HIGH | – | 0 |
| CVE-2026-2071 | A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in b... | 8.8 | HIGH | – | 0 |
| CVE-2025-29004 | Incorrect Privilege Assignment vulnerability in AA-Team Premium Age Verification / Restriction for WordPress, AA-Team Responsive Coming Soon Landing Page / Holding Page for WordPress allows Privilege ... | 8.8 | HIGH | – | 0 |
| CVE-2026-24345 | Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI | 8.8 | HIGH | – | 0 |
| CVE-2026-2067 | A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTimeGroupConfig. The manipulation of the argument year1 l... | 8.8 | HIGH | – | 0 |
| CVE-2026-22473 | Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection. This issue affects Dental Clinic: from n/a through <= 3.7. | 8.8 | HIGH | – | 0 |
| CVE-2026-0640 | A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. ... | 8.8 | HIGH | – | 0 |
| CVE-2026-2068 | A vulnerability was detected in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/formSyslogConf. The manipulation of the argument ServerIp results in buffer overflo... | 8.8 | HIGH | – | 0 |
| CVE-2020-36920 | iDS6 DSSPro Digital Signage System 6.2 contains an improper access control vulnerability that allows authenticated users to elevate privileges through console JavaScript functions. Attackers can creat... | 8.8 | HIGH | – | 0 |
| CVE-2026-3728 | A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-base... | 8.8 | HIGH | – | 0 |
| CVE-2020-36916 | TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for ... | 8.8 | HIGH | – | 0 |
| CVE-2026-2066 | A weakness has been identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formIpGroupConfig. Executing a manipulation of the argument groupName can lead to buffe... | 8.8 | HIGH | – | 0 |
| CVE-2025-68608 | Missing Authorization vulnerability in DeluxeThemes Userpro userpro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Userpro: from n/a through <= 5.1.9. | 8.8 | HIGH | – | 0 |
| CVE-2026-3729 | A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-b... | 8.8 | HIGH | – | 0 |
| CVE-2020-36910 | Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard_system.cgi pages. Attackers can exploit the 'NTP_Server_IP' parameter with defa... | 8.8 | HIGH | – | 0 |
| CVE-2026-1565 | The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validati... | 8.8 | HIGH | – | 0 |
| CVE-2025-66137 | Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Searcher for Eleme... | 8.8 | HIGH | – | 0 |
| CVE-2026-23622 | Easy!Appointments is a self hosted appointment scheduler. In 1.5.2 and earlier, application/core/EA_Security.php::csrf_verify() only enforces CSRF for POST requests and returns early for non-POST meth... | 8.8 | HIGH | – | 0 |
| CVE-2025-66138 | Missing Authorization vulnerability in merkulove Motionger for Elementor motionger-elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Motionger for El... | 8.8 | HIGH | – | 0 |
| CVE-2026-22206 | SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Att... | 8.8 | HIGH | – | 0 |
| CVE-2025-69212 | OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a critical OS Command Injection vulnerability exists in the P7M (signed XML) file dec... | 8.8 | HIGH | – | 0 |
| CVE-2025-47553 | Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Object Injection. This issue affects DZS Video Gallery: from n/a through 12.25. | 8.8 | HIGH | – | 0 |
| CVE-2025-64175 | Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, Gogs' 2FA recovery code validation does not scope codes by user, enabling cross-account bypass. If an attacker knows a vict... | 8.8 | HIGH | – | 0 |
| CVE-2025-61880 | In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution. | 8.8 | HIGH | – | 0 |
| CVE-2025-69214 | OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajax_select.php endpoint when handling t... | 8.8 | HIGH | – | 0 |
| CVE-2026-1311 | The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.2.4 via the backup upload functionality. This makes it possible for authenticated at... | 8.8 | HIGH | – | 0 |
| CVE-2026-21676 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a Heap-based Buffer Overflow in its CIccMBB::Validate function which checks t... | 8.8 | HIGH | – | 0 |
| CVE-2026-21677 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have Undefined Behavior in its CIccCLUT::Init function which initializes and sets ... | 8.8 | HIGH | – | 0 |
| CVE-2026-21485 | iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior (UB) and Out of Memory errors. This issue i... | 8.8 | HIGH | – | 0 |
| CVE-2026-2006 | Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code... | 8.8 | HIGH | – | 0 |
| CVE-2026-24443 | EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not ... | 8.8 | HIGH | – | 0 |
| CVE-2026-27969 | Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipu... | 8.8 | HIGH | – | 0 |
| CVE-2021-47888 | Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell... | 8.8 | HIGH | – | 0 |
| CVE-2026-2004 | Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database... | 8.8 | HIGH | – | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.