Skip to main content
CVE-2020-37077 MEDIUM POC This Month

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. [CVSS 6.5 MEDIUM]

PHP Path Traversal
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-67189 MEDIUM POC This Month

A950Rg Firmware versions up to 4.1.2cu.5204_b20210112 is affected by classic buffer overflow (CVSS 6.5).

Buffer Overflow Denial Of Service A950rg Firmware RCE TOTOLINK
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2020-37115 MEDIUM POC This Month

GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access. [CVSS 6.5 MEDIUM]

Authentication Bypass Open Eclass Platform
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24670 MEDIUM POC This Month

Broken access control in Open eClass Platform versions prior to 4.2 allows authenticated students to create course units, a privilege normally reserved for instructors and administrators. An attacker with valid student credentials can escalate their capabilities within the platform by performing unauthorized administrative actions. Public exploit code exists for this vulnerability, and no patch is currently available.

Authentication Bypass Open Eclass Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24668 MEDIUM POC This Month

Broken access control in Open eClass Platform before version 4.2 allows authenticated students to modify course content that should only be editable by instructors and administrators. Public exploit code exists for this vulnerability, and no patch is currently available for affected deployments. An attacker with valid student credentials can escalate their privileges to alter course materials and potentially disrupt educational content integrity.

Authentication Bypass Open Eclass Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24666 MEDIUM POC This Month

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 6.5 MEDIUM]

CSRF Open Eclass Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1207 MEDIUM POC PATCH GHSA This Month

SQL injection in Django's PostGIS RasterField lookups allows authenticated attackers to execute arbitrary SQL commands through the band index parameter in affected versions 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Unsupported Django series including 5.0.x, 4.1.x, and 3.2.x may also be vulnerable. A patch is available and authentication is required to exploit this vulnerability.

Django SQLi Python
NVD HeroDevs VulDB
CVSS 3.1
5.4
EPSS
5.5%
CVE-2020-37086 MEDIUM POC This Month

Easy Transfer 1.7 iOS mobile application contains a directory traversal vulnerability that allows remote attackers to access unauthorized file system paths without authentication. [CVSS 6.2 MEDIUM]

Path Traversal
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
1.3%
CVE-2019-25265 MEDIUM POC This Month

group description field of the admin edit groups section. Attackers can inject malicious JavaScript through the description field is affected by cross-site scripting (xss) (CVSS 6.4).

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2020-37103 MEDIUM POC This Month

DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users to upload malicious XML files with executable scripts through journal tools. [CVSS 6.4 MEDIUM]

.NET XSS CSRF Dotnetnuke
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-25264 MEDIUM POC This Month

Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users. [CVSS 6.4 MEDIUM]

XSS
NVD GitHub Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2019-25263 MEDIUM POC This Month

Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. [CVSS 6.4 MEDIUM]

XSS
NVD Exploit-DB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-71179 MEDIUM POC This Month

Creativeitem Academy LMS 7.0 contains reflected Cross-Site Scripting (XSS) vulnerabilities via the search parameter to the /academy/blogs endpoint, and the string parameter to the /academy/course_bundles/search/query endpoint. [CVSS 6.1 MEDIUM]

XSS Academy Lms
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-24671 MEDIUM POC This Month

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 6.1 MEDIUM]

XSS Open Eclass Platform
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-69431 MEDIUM POC This Month

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. [CVSS 6.1 MEDIUM]

Path Traversal Q2c Firmware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-69430 MEDIUM POC This Month

An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 (version equal to or prior to V1.9.12), DM3 (version equal to or prior to V1.9.12), and DM200 (version equal to or prior to V1.2.23) that could be exploited by attackers to leak or tamper with the internal file system. [CVSS 6.1 MEDIUM]

Path Traversal Dm2 Firmware Dm200 Firmware Dm3 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2020-37111 MEDIUM POC This Month

60CycleCMS 2.5.2 contains a cross-site scripting (XSS) vulnerability in news.php that allows attackers to inject malicious scripts through GET parameters. [CVSS 6.1 MEDIUM]

PHP SQLi XSS 60cyclecms
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-70849 MEDIUM POC PATCH This Month

Arbitrary File Upload in podinfo thru 6.9.0 allows unauthenticated attackers to upload arbitrary files via crafted POST request to the /store endpoint. [CVSS 6.1 MEDIUM]

XSS Podinfo Suse
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-69429 MEDIUM POC This Month

The ORICO NAS CD3510 (version V1.9.12 and below) contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. [CVSS 6.1 MEDIUM]

Path Traversal Cd3510 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-25483 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce's Order Status History Message (versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1) allows authenticated attackers with database backup permissions to inject malicious scripts that execute in the context of other users' browsers. Public exploit code exists for this vulnerability, enabling attackers to exfiltrate sensitive data including user credentials, customer PII, order history, and 2FA recovery codes. Patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-24664 MEDIUM POC This Month

Open Eclass Platform versions up to 4.2 contains a vulnerability that allows attackers to identify valid user accounts by analyzing differences in the login response beha (CVSS 5.3).

Information Disclosure Open Eclass Platform
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2020-37091 MEDIUM POC This Month

Maian Support Helpdesk 4.3 contains a cross-site request forgery vulnerability that allows attackers to create administrative accounts without authentication. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2020-37096 MEDIUM POC This Month

Ew-7438Rpn Mini Firmware versions up to 1.13 is affected by cross-site request forgery (csrf) (CVSS 5.3).

CSRF Ew 7438rpn Mini Firmware
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25488 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated administrators with high privileges to inject malicious scripts through unsanitized Tax Category fields, which execute when other admins view the affected pages. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25487 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated administrators with high privileges to inject malicious scripts via unsanitized Tax Rates name fields, enabling arbitrary JavaScript execution in other administrators' browsers. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25486 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce versions 5.0.0 through 5.5.1 permits authenticated attackers with administrative privileges to inject malicious scripts through the Shipping Methods Name field, which executes in other administrators' browsers when they access the Store Management interface. Public exploit code exists for this vulnerability. The flaw stems from insufficient input sanitization and is remediated in version 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25522 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated attackers with high privileges to inject malicious scripts through unsanitized Shipping Zone name and description fields, which execute in administrators' browsers. Public exploit code exists for this vulnerability. Updates to versions 4.10.1 and 5.5.2 are available to remediate the issue.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25482 MEDIUM POC PATCH This Month

Craft Commerce versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 contain a stored DOM-based XSS vulnerability in the Recent Orders dashboard widget where unescaped Order Status Names allow arbitrary script execution when administrators access the dashboard. An attacker with the ability to modify order statuses can inject malicious JavaScript that executes in the context of any admin user, potentially leading to account compromise or unauthorized actions. Public exploit code exists for this vulnerability; patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25490 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated attackers with high privileges to inject malicious scripts via the Address Line 1 field in Inventory Locations, which execute in administrators' browsers when the field is viewed in the admin panel. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25489 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated attackers with high privileges to inject malicious scripts via unsanitized Tax Zone name and description fields, executing arbitrary JavaScript in administrators' browsers. Public exploit code exists for this vulnerability. Patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25485 MEDIUM POC PATCH This Month

Stored XSS in Craft Commerce shipping category fields allows authenticated attackers with high privileges to inject malicious scripts that execute in administrators' browsers, affecting versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1. The vulnerability stems from insufficient sanitization of the Name and Description fields in the Store Management section before display in the admin panel. Public exploit code exists, and patches are available in versions 4.10.1 and 5.5.2.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-25484 MEDIUM POC PATCH This Month

Stored cross-site scripting in Craft Commerce versions 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1 allows authenticated users with product type management permissions to inject malicious scripts via unsanitized product type names that execute when administrators view user permissions settings. Public exploit code exists for this vulnerability. Upgrades to versions 4.10.1 or 5.5.2 resolve the issue.

XSS Craft Commerce
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-24674 MEDIUM POC This Month

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 4.7 MEDIUM]

XSS Open Eclass Platform
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-25616 MEDIUM POC This Month

Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665. [CVSS 4.7 MEDIUM]

XSS Blesta
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-24774 MEDIUM POC This Month

The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. [CVSS 4.3 MEDIUM]

Information Disclosure Open Eclass Platform
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-24673 MEDIUM POC This Month

Open Eclass Platform versions up to 4.2 is affected by unrestricted upload of file with dangerous type (CVSS 4.3).

File Upload Open Eclass Platform
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2020-37114 MEDIUM POC This Month

GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. [CVSS 4.3 MEDIUM]

AWS Information Disclosure Open Eclass Platform
NVD Exploit-DB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-23794 MEDIUM PATCH This Month

Reflected XSS in Apache Syncope's Enduser Login page. An attacker that tricks a legitimate user into clicking a malicious link and logging in to Syncope Enduser could steal that user's credentials. [CVSS 6.8 MEDIUM]

Apache XSS Syncope
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-70559 MEDIUM PATCH This Month

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]

Python Privilege Escalation Deserialization RCE Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-24988 MEDIUM This Month

The Events Calendar Shortcode & Block plugin through version 3.1.1 contains a stored cross-site scripting vulnerability that allows authenticated users with limited privileges to inject malicious scripts into event pages, affecting all site visitors. An attacker can exploit this by crafting malicious input that persists in the database and executes in users' browsers when they view affected event content. No patch is currently available for this medium-severity vulnerability.

XSS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24958 MEDIUM This Month

Crocoblock JetElements For Elementor jet-elements is affected by cross-site scripting (xss) (CVSS 6.5).

XSS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24952 MEDIUM This Month

Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting is affected by cross-site scripting (xss) (CVSS 6.5).

XSS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-65017 MEDIUM PATCH This Month

Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generation, causing collisions for the generated UUIDs. [CVSS 6.5 MEDIUM]

Information Disclosure Decidim
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-12773 MEDIUM This Month

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. [CVSS 6.5 MEDIUM]

Information Disclosure Sannav
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24957 MEDIUM This Month

Unauthorized information disclosure in WordPress Strong Testimonials plugin version 3.2.20 and earlier stems from improper access control validation, allowing authenticated users to access sensitive data they should not have permission to view. An attacker with low-privilege WordPress account credentials can exploit this vulnerability to read confidential information without requiring user interaction. Currently, no patch is available for this vulnerability.

Authentication Bypass WordPress
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24053 MEDIUM PATCH This Month

Claude Code versions prior to 2.0.74 allow authenticated users to write files outside designated directories by exploiting inadequate Bash command validation in ZSH clobber syntax parsing. An attacker with the ability to inject malicious content into a Claude Code context window on a ZSH-based system can bypass file restrictions and achieve unauthorized file writes without triggering user permission prompts. This vulnerability requires user interaction and ZSH environment configuration, making it suitable for supply chain or prompt injection attacks against Claude Code users.

Path Traversal AI / ML Claude Code
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24514 MEDIUM PATCH This Month

Ingress-nginx's validating admission controller is vulnerable to denial of service through memory exhaustion when processing oversized requests, enabling authenticated attackers to crash the controller pod or exhaust node memory. The vulnerability requires valid credentials but no user interaction, affecting deployments relying on this validation feature. No patch is currently available.

Nginx Denial Of Service Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-70311 MEDIUM This Month

JEEWMS 1.0 is vulnerable to SQL Injection. Attackers can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do interface for attack. [CVSS 6.5 MEDIUM]

SQLi Jeewms
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25036 MEDIUM This Month

The Passster WordPress plugin through version 4.2.25 contains an authorization bypass that allows authenticated users to access content protection mechanisms without proper permission validation. An attacker with low-privilege WordPress credentials can circumvent access controls to view protected content that should be restricted. No patch is currently available for this vulnerability.

Authentication Bypass WordPress
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24984 MEDIUM This Month

Brecht Visual Link Preview versions 2.2.9 and earlier contain an authorization bypass vulnerability that allows authenticated users to access sensitive information they should not have permission to view. An attacker with valid credentials can exploit misconfigured access controls to read confidential data, though they cannot modify or delete information. No patch is currently available for this vulnerability.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy