Export limit exceeded: 347773 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79574 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79574 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23978 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through <= 2.2.1. | ||||
| CVE-2026-34481 | 1 Apache | 2 Log4j, Log4j Layout Template Json | 2026-04-24 | 7.5 High |
| Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values (NaN, Infinity, or -Infinity), which are prohibited by RFC 8259. This may cause downstream log processing systems to reject or fail to index affected records. An attacker can exploit this issue only if both of the following conditions are met: * The application uses JsonTemplateLayout. * The application logs a MapMessage containing an attacker-controlled floating-point value. Users are advised to upgrade to Apache Log4j JSON Template Layout 2.25.4, which corrects this issue. | ||||
| CVE-2026-34480 | 1 Apache | 1 Log4j | 2026-04-24 | 7.5 High |
| Apache Log4j Core's XmlLayout https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout , in versions up to and including 2.25.3, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/#charsets producing invalid XML output whenever a log message or MDC value contains such characters. The impact depends on the StAX implementation in use: * JRE built-in StAX: Forbidden characters are silently written to the output, producing malformed XML. Conforming parsers must reject such documents with a fatal error, which may cause downstream log-processing systems to drop the affected records. * Alternative StAX implementations (e.g., Woodstox https://github.com/FasterXML/woodstox , a transitive dependency of the Jackson XML Dataformat module): An exception is thrown during the logging call, and the log event is never delivered to its intended appender, only to Log4j's internal status logger. Users are advised to upgrade to Apache Log4j Core 2.25.4, which corrects this issue by sanitizing forbidden characters before XML output. | ||||
| CVE-2026-23344 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sev_tsm_init_locked(), the code dereferences 't' after it has been freed with kfree(). The pr_err() statement attempts to access t->tio_en and t->tio_init_done after the memory has been released. Move the pr_err() call before kfree(t) to access the fields while the memory is still valid. This issue reported by Smatch static analyser | ||||
| CVE-2026-24367 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through < 3.2.8. | ||||
| CVE-2026-24390 | 3 Elementor, Qantumthemes, Wordpress | 3 Elementor, Kentha Elementor Widgets, Wordpress | 2026-04-24 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QantumThemes Kentha Elementor Widgets kentha-elementor allows PHP Local File Inclusion.This issue affects Kentha Elementor Widgets: from n/a through < 3.1. | ||||
| CVE-2026-24531 | 1 Wordpress | 1 Wordpress | 2026-04-24 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3. | ||||
| CVE-2026-5564 | 1 Code-projects | 1 Simple Laundry System | 2026-04-24 | 7.3 High |
| A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-5575 | 2 Jkev, Sourcecodester | 2 Record Management System, Record Management System | 2026-04-24 | 7.3 High |
| A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-5554 | 1 Code-projects | 1 Concert Ticket Reservation System | 2026-04-24 | 7.3 High |
| A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/process_search.php of the component Parameter Handler. Performing a manipulation of the argument searching results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-5540 | 1 Code-projects | 1 Simple Laundry System | 2026-04-24 | 7.3 High |
| A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-5544 | 1 Utt | 1 Hiper 1250gw | 2026-04-24 | 8.8 High |
| A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-5534 | 1 Itsourcecode | 1 Online Enrollment System | 2026-04-24 | 7.3 High |
| A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-5566 | 1 Utt | 1 Hiper 1250gw | 2026-04-24 | 8.8 High |
| A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBind results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. | ||||
| CVE-2026-5551 | 1 Itsourcecode | 1 Free Hotel Reservation System | 2026-04-24 | 7.3 High |
| A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-5565 | 1 Code-projects | 1 Simple Laundry System | 2026-04-24 | 7.3 High |
| A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-5555 | 1 Code-projects | 1 Concert Ticket Reservation System | 2026-04-24 | 7.3 High |
| A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-39371 | 2 Redwoodjs, Rwsdk | 2 Sdk, Redwoodsdk | 2026-04-24 | 8.1 High |
| RedwoodSDK is a server-first React framework. From 1.0.0-beta.50 to 1.0.5, erver functions exported from "use server" files could be invoked via GET requests, bypassing their intended HTTP method. In cookie-authenticated applications, this allowed cross-site GET navigations to trigger state-changing functions, because browsers send SameSite=Lax cookies on top-level GET requests. This affected all server functions -- both serverAction() handlers and bare exported functions in "use server" files. This vulnerability is fixed in 1.0.6. | ||||
| CVE-2026-3666 | 2 Tomdever, Wordpress | 2 Wpforo Forum, Wordpress | 2026-04-24 | 8.8 High |
| The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and above, to delete arbitrary files on the server by embedding a crafted path traversal string in a forum post body and then deleting the post. | ||||
| CVE-2026-4896 | 2 Wclovers, Wordpress | 2 Wcfm – Frontend Manager For Woocommerce, Wordpress | 2026-04-24 | 8.1 High |
| The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via multiple AJAX actions including `wcfm_modify_order_status`, `delete_wcfm_article`, `delete_wcfm_product`, and the article management controller due to missing validation on user-supplied object IDs. This makes it possible for authenticated attackers, with Vendor-level access and above, to modify the status of any order, delete or modify any post/product/page, regardless of ownership. | ||||