Skip to main content
CVE-2026-0571 LOW POC Monitor

Path traversal in the yeqifu Warehouse application's file handling function allows authenticated attackers to read arbitrary files on the system through manipulated path parameters. Public exploit code exists for this vulnerability, increasing the risk of exploitation. The rolling-release nature of the product means affected users lack clear version guidance and no official patch is currently available.

Path Traversal Warehouse
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-0547 LOW POC Monitor

Unrestricted file upload in PHPGurukul Online Course Registration versions up to 3.1 allows authenticated attackers to upload arbitrary files through the student profile photo parameter in /admin/edit-student-profile.php. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with login credentials can exploit this remotely to potentially execute malicious code or compromise the application.

PHP Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15423 LOW POC Monitor

A vulnerability has been found in EmpireSoft EmpireCMS up to 8.0. Impacted is the function CheckSaveTranFiletype of the file e/class/connect.php. [CVSS 6.3 MEDIUM]

PHP Authentication Bypass File Upload
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15438 LOW POC Monitor

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. [CVSS 4.7 MEDIUM]

PHP Deserialization
NVD VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2026-0566 LOW POC Monitor

Unrestricted file upload in code-projects CMS 1.0 via the image parameter in /admin/edit_posts.php allows authenticated administrators to upload arbitrary files remotely. Public exploit code exists for this vulnerability, though a patch is not yet available. The issue affects PHP-based installations and requires high-level privileges to exploit.

PHP Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2026-21429 LOW POC Monitor

Emlog 2.5.23 contains an integrity bypass vulnerability that allows authenticated administrators to restrict legitimate users from editing or deleting their own published articles through improper access controls. This medium-severity flaw (CVSS 4.3) enables privileged users to modify content permissions without authorization, and public exploit code exists. No patch is currently available for affected installations.

Authentication Bypass Emlog
NVD GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-15437 LOW POC PATCH Monitor

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. [CVSS 3.5 LOW]

XSS Ligerosmart
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-15418 LOW POC PATCH Monitor

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogs_gtp2_parse_bearer_qos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. [CVSS 3.3 LOW]

Denial Of Service Open5gs
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-15419 LOW POC PATCH Monitor

A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwc_s5c_handle_create_session_response of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. [CVSS 3.3 LOW]

Denial Of Service Open5gs
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-62840 LOW Monitor

A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data. [CVSS 3.3 LOW]

Information Disclosure Hybrid Backup Sync
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-15439 LOW Monitor

A vulnerability was identified in Daptin 0.10.3. Affected by this vulnerability is the function goqu.L of the file server/resource/resource_aggregate.go of the component Aggregate API. [CVSS 6.3 MEDIUM]

SQLi
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy