Skip to main content
CVE-2020-37095 CRITICAL POC Act Now

Cyberoam Authentication Client 2.1.2.7 has a buffer overflow allowing remote attackers to execute code through the network authentication service.

DNS Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2020-37159 CRITICAL POC Act Now

Parallaxis Cuckoo Clock 5.0 has a buffer overflow enabling code execution through crafted input.

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37161 CRITICAL POC Act Now

Wedding Slideshow Studio 1.36 has a buffer overflow allowing code execution through crafted project files.

RCE Buffer Overflow Wedding Slideshow Studio
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37162 CRITICAL POC Act Now

Wedding Slideshow Studio 1.36 has a second buffer overflow in the registration key input enabling code execution.

Buffer Overflow Stack Overflow Wedding Slideshow Studio
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-25857 HIGH POC This Week

Unauthenticated command injection in Tenda G300-F router firmware version 16.01.14.2 and earlier allows authenticated attackers to execute arbitrary OS commands through the WAN diagnostic interface by injecting shell metacharacters into unvalidated curl parameters. An attacker with management interface access can exploit this to gain full system compromise with process-level privileges. Public exploit code exists and no patch is currently available.

Command Injection G300 F Firmware
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2026-2086 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-171114 allows authenticated attackers to achieve full system compromise via a buffer overflow in the Management Interface firewall configuration function. Public exploit code exists for this vulnerability, and no patch is available from the vendor despite early disclosure notification. The attack requires valid credentials but can be executed over the network without user interaction.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2071 HIGH POC This Week

Unauthenticated attackers can exploit a buffer overflow in the UTT 520W Firmware's P2P configuration function via a crafted request to achieve remote code execution with high privileges. The vulnerability requires only network access and low complexity to exploit, with public exploit code already available. No patch has been released by the vendor despite early notification.

Buffer Overflow 520w Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2020-37163 HIGH POC This Week

QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. [CVSS 8.2 HIGH]

SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2020-37141 HIGH POC This Week

AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2020-37135 HIGH POC This Week

AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system. [CVSS 7.5 HIGH]

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-37146 HIGH POC This Week

ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. [CVSS 7.5 HIGH]

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-37157 HIGH POC This Week

DBPower C300 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive credentials through an unprotected configuration backup endpoint. [CVSS 7.5 HIGH]

Authentication Bypass
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-37155 HIGH POC This Week

Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. [CVSS 7.5 HIGH]

Buffer Overflow Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-37122 HIGH POC This Week

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash. [CVSS 7.5 HIGH]

Buffer Overflow Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-37109 HIGH POC This Week

aSc TimeTables 2020.11.4 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Subject title field with a large buffer. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2020-37107 HIGH POC This Week

Core FTP LE 2.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the account field with a large buffer. [CVSS 7.5 HIGH]

Denial Of Service
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2080 HIGH POC This Week

Remote code execution in UTT HiPER 810 Firmware 1.7.4-141218 via command injection in the user administration function allows unauthenticated attackers to execute arbitrary commands over the network. The vulnerability exists in the passwd1 parameter of the /goform/formUser endpoint and has public exploit code available. No patch is currently available from the vendor, who has been unresponsive to disclosure attempts.

Command Injection 810 Firmware
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.4%
CVE-2026-2084 HIGH POC This Week

D-Link DIR-823X firmware contains a command injection vulnerability in the /goform/set_language endpoint that allows remote attackers with high privileges to execute arbitrary OS commands via manipulation of the langSelection parameter. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation grants complete system compromise with confidentiality, integrity, and availability impact.

D-Link Command Injection Dir 823x Firmware
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.3%
CVE-2026-2085 HIGH POC This Week

Command injection in D-Link DWR-M921 firmware versions up to 1.1.50 allows remote attackers with high privileges to execute arbitrary commands through the USSD Configuration endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An authenticated attacker can leverage the unsanitized ussdValue parameter to compromise the affected device.

D-Link Command Injection Dwr M921 Firmware
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.3%
CVE-2020-37154 HIGH POC This Week

eLection 2.0 contains an authenticated SQL injection vulnerability in the candidate management endpoint that allows attackers to manipulate database queries through the 'id' parameter. [CVSS 7.1 HIGH]

RCE SQLi
NVD GitHub Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2020-37147 HIGH POC This Week

ATutor 2.2.4 contains a SQL injection vulnerability in the admin user deletion page that allows authenticated attackers to manipulate database queries through the 'id' parameter. [CVSS 7.1 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2020-37171 MEDIUM POC This Month

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]

Denial Of Service Tapinradio
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-37170 MEDIUM POC This Month

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. [CVSS 6.2 MEDIUM]

Denial Of Service Tapinradio
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-37165 MEDIUM POC This Month

AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license name field to trigger an application crash. [CVSS 6.2 MEDIUM]

Denial Of Service Absolutetelnet
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-37164 MEDIUM POC This Month

AbsoluteTelnet 11.12 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized license name. Attackers can generate a 2500-character payload and paste it into the license entry field to trigger an application crash. [CVSS 6.2 MEDIUM]

Denial Of Service Absolutetelnet
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-37166 MEDIUM POC This Month

AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate. [CVSS 6.2 MEDIUM]

Denial Of Service Absolutetelnet
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2020-37160 MEDIUM POC This Month

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. [CVSS 6.2 MEDIUM]

Windows Privilege Escalation
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-2115 MEDIUM POC This Month

SQL injection in itsourcecode Society Management System 1.0 allows unauthenticated remote attackers to manipulate the expenses_id parameter in /admin/delete_expenses.php, enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2114 MEDIUM POC This Month

SQL injection in itsourcecode Society Management System 1.0 through the admin_id parameter in /admin/edit_admin.php allows unauthenticated remote attackers to manipulate the database. Public exploit code exists for this vulnerability, and no patch is currently available, putting all installations at immediate risk of data compromise.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2088 MEDIUM POC This Month

SQL injection in PHPGurukul Beauty Parlour Management System 1.1 via the delid parameter in /admin/accepted-appointment.php enables remote attackers to manipulate database queries without authentication. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected systems at active risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2083 MEDIUM POC This Month

SQL injection in the /delete_post.php endpoint of code-projects Social Networking Site 1.0 allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker could leverage this to read, modify, or delete sensitive data within the application's database.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2073 MEDIUM POC This Month

School Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2113 MEDIUM POC This Month

Unsafe deserialization in yuan1994 tpadmin versions up to 1.3.12 allows remote attackers to execute arbitrary code via the WebUploader preview.php component without authentication. Public exploit code exists for this vulnerability, and affected installations running unsupported versions face immediate risk. The flaw enables complete system compromise with no patch available from the maintainer.

PHP Deserialization
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-25858 CRITICAL Act Now

macrozheng mall e-commerce platform v1.0.3 has an authentication vulnerability in password reset enabling unauthorized account takeover.

Information Disclosure Mall
NVD GitHub
CVSS 4.0
9.3
EPSS
0.4%
CVE-2026-2108 MEDIUM POC This Month

Coco Annotator versions up to 0.11.1. is affected by improper resource shutdown or release (CVSS 5.3).

Denial Of Service Coco Annotator
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2020-37106 MEDIUM POC This Month

Business Live Chat Software 1.0 contains a cross-site request forgery vulnerability that allows attackers to change user account roles without authentication. [CVSS 5.3 MEDIUM]

CSRF
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-25560 HIGH PATCH This Week

LDAP filter injection in WeKan before 8.19 allows remote unauthenticated attackers to manipulate LDAP search filters and DN construction during login by supplying crafted usernames that are embedded into queries without escaping. Because the malicious input reaches the authentication path directly (CVSS 4.0 AV:N/PR:N/UI:N, base score 8.7), an attacker can tamper with the authentication logic to enumerate directory data or subvert the intended search filter. No public exploit is identified at time of analysis and EPSS exploitation probability is low (0.05%), but a vendor patch (commit 0b0e16c) is available.

LDAP Wekan Code Injection
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2020-37079 MEDIUM POC This Month

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (CSRF) vulnerability in the web administration interface that allows attackers to delete admin users. [CVSS 4.3 MEDIUM]

CSRF Wing Ftp Server
NVD Exploit-DB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-25859 HIGH PATCH This Week

Broken authorization in Wekan versions prior to 8.20 lets any authenticated non-administrative user invoke board migration functionality that should be restricted to board administrators. Because permission checks on the migration methods (e.g. comprehensiveBoardMigration.execute) are insufficient, a low-privileged user can trigger unauthorized migration operations that mutate board structure and data. EPSS is very low (0.05%, 15th percentile) and there is no public exploit identified at time of analysis, but a vendor patch and fix commit are available.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-25568 HIGH PATCH This Week

Authorization bypass in WeKan (self-hosted kanban board) versions prior to 8.19 lets an authenticated user create public boards even when the instance-wide allowPrivateOnly setting is enabled, because server-side enforcement of the visibility policy is incomplete at board-creation time. The flaw undermines an administrator's expectation that all boards remain private, potentially exposing board content beyond intended audiences. EPSS is low (0.03%, 9th percentile) with no public exploit identified at time of analysis and no CISA KEV listing; a vendor patch is available.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-25566 HIGH PATCH This Week

Improper authorization in WeKan's card-move API lets an authenticated low-privilege user relocate cards to boards, lists, and swimlanes they do not control, because the destination is trusted without verifying access rights or that the target objects belong to the destination board. All WeKan versions before 8.19 are affected; no public exploit is identified at time of analysis and EPSS is negligible (0.01%), but the fixing commit publicly documents the missing checks, lowering the bar to reproduce.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-25565 HIGH PATCH This Week

Privilege escalation via broken authorization in WeKan (the open-source kanban board) before 8.19 lets users holding read-only board roles modify cards, lists, and swimlanes that should require write access. The flaw stems from card/list/swimlane update API routes calling a read-level access check instead of a write-level check, letting a low-privileged but authenticated member tamper with data they should only be able to view. There is no public exploit identified at time of analysis and EPSS is negligible (0.01%), but the fix is confirmed in an upstream commit and the CVSS 4.0 base score is 7.1.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-25564 HIGH PATCH This Week

Cross-board data tampering in WeKan (open-source Trello-style kanban board) before version 8.19 lets an authenticated low-privileged user manipulate checklists on cards belonging to boards they should not access. The checklist creation, deletion, and related REST routes accept a cardId without confirming it belongs to the supplied boardId, so an attacker can forge identifiers to add or remove checklists on other users' cards. No public exploit identified at time of analysis, and EPSS is negligible (0.01%), but the vendor fix commit confirms the root cause and a straightforward exploitation path.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-25563 HIGH PATCH This Week

Cross-board data tampering in WeKan (the open-source Trello-style kanban board) before version 8.19 lets an authenticated low-privilege user attach checklists to cards on boards they do not own by supplying a mismatched cardId/boardId pair. Because the checklist creation routes never confirm the card actually belongs to the referenced board, any logged-in user can manipulate identifiers to write into other users' boards. No public exploit is identified at time of analysis and EPSS exploitation probability is negligible (0.01%), but the fix is confirmed by an upstream vendor commit.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-25561 HIGH PATCH This Week

Improper authorization in the WeKan attachment upload API (versions prior to 8.19) lets an authenticated low-privileged user submit inconsistent object identifiers (boardId, cardId, swimlaneId, listId) that the server fails to cross-validate, allowing attachments to be associated with or moved across card/board relationships the user should not control. The affected component is the self-hosted open-source kanban platform WeKan; the fix (commit 1d16955b) adds server-side checks that a card actually belongs to the named board, swimlane, and list. No public exploit identified at time of analysis, EPSS is negligible (0.01%), and it is not in CISA KEV.

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-2110 LOW POC Monitor

A security flaw has been discovered in Tasin1025 SwiftBuy up to 0f5011372e8d1d7edfd642d57d721c9fadc54ec7. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing a manipulation results in improper restriction of excessive authentication attempts. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit has been released to the public and may be used for attacks. This pro...

PHP Information Disclosure
NVD VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2025-31990 MEDIUM This Month

Rate limiting for certain API calls is not being enforced, making HCL Velocity vulnerable to Denial of Service (DoS) attacks. An attacker could flood the system with a large number of requests, overwhelming its resources and causing it to become unresponsive to legitimate users. [CVSS 6.8 MEDIUM]

Denial Of Service
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-15477 MEDIUM This Month

The Bucketlister plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode `category` and `id` attributes in all versions up to, and including, 0.1.5 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. [CVSS 6.5 MEDIUM]

WordPress SQLi PHP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1573 MEDIUM This Month

Stored XSS in the OMIGO WordPress plugin through version 3.3 allows authenticated contributors and above to inject malicious scripts via the omigo_donate_button shortcode due to inadequate input sanitization, executing arbitrary code when users view affected pages. The vulnerability requires low privileges but impacts all users accessing compromised content, with no available patch as of now.

WordPress Golang XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-0555 MEDIUM This Month

The Premmerce WordPress plugin through version 1.3.20 contains a stored cross-site scripting vulnerability in the wizard AJAX endpoint due to inadequate input sanitization and output escaping on the state parameter. Authenticated users with subscriber-level permissions can inject malicious scripts that execute in the admin wizard interface when accessed by other users. No patch is currently available for this medium-severity vulnerability affecting plugin installations.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy