Skip to main content
CVE-2018-25162 HIGH POC This Week

2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. [CVSS 6.5 MEDIUM]

PHP RCE File Upload
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.1%
CVE-2018-25191 HIGH POC This Week

Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'mod_id' parameter. [CVSS 7.1 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2018-25180 HIGH POC This Week

Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. [CVSS 7.1 HIGH]

SQLi
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2018-25165 HIGH POC This Week

Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. [CVSS 7.1 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-29059 MEDIUM POC This Month

{workspace}/jobs_u/get_log_file/{filename})".

Path Traversal Windmill
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2018-25184 MEDIUM POC This Month

Surreal ToDo 0.6.1.2 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the content parameter. [CVSS 6.2 MEDIUM]

PHP Path Traversal
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25177 MEDIUM POC This Month

Data Center Audit 2.6.2 contains a cross-site request forgery vulnerability that allows attackers to reset administrator passwords without authentication by submitting crafted POST requests. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25174 MEDIUM POC This Month

ABC ERP 0.6.4 contains a cross-site request forgery vulnerability that allows attackers to modify administrator credentials by submitting forged requests to _configurar_perfil.php. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25198 MEDIUM POC This Month

eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application. [CVSS 6.2 MEDIUM]

Buffer Overflow Denial Of Service Memory Corruption
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-30233 MEDIUM POC PATCH This Month

OliveTin prior to version 3000.11.1 fails to enforce view permission checks on dashboard and API endpoints, allowing authenticated users to enumerate action bindings, titles, IDs, icons, and argument metadata despite having restricted access. While command execution remains properly denied, this information disclosure enables attackers to map available actions and their configurations. Public exploit code exists for this medium-severity vulnerability, and a patch is available.

Information Disclosure Olivetin Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-28685 MEDIUM POC PATCH This Month

Kimai versions prior to 2.51.0 lack proper customer-level access controls in the invoice API endpoint, allowing any user with the TEAMLEAD role to enumerate and read all invoices across the entire system regardless of customer ownership. Public exploit code exists for this authorization bypass vulnerability, which can lead to unauthorized disclosure of sensitive financial and customer data. A patch is available in version 2.51.0 and should be applied immediately.

Authentication Bypass Kimai
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-25877 MEDIUM POC This Month

Chartbrew versions before 4.8.1 fail to validate chart ownership during modification operations, allowing authenticated users to read, modify, or delete charts from other projects they shouldn't access. An attacker with valid credentials to any project can exploit this authorization bypass to manipulate arbitrary charts across the application. Public exploit code exists for this vulnerability, and no patch is currently available.

Authentication Bypass Chartbrew
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27605 MEDIUM POC This Month

Chartbrew versions prior to 4.8.4 allow authenticated users to upload arbitrary files by bypassing file type validation, enabling stored XSS attacks through malicious HTML files served from the uploads directory. An attacker can exploit this to steal authentication tokens stored in localStorage and achieve account takeover. Public exploit code exists for this vulnerability, and no patch is currently available.

XSS Chartbrew
NVD GitHub
CVSS 3.1
6.3
EPSS
0.1%
CVE-2026-26017 MEDIUM POC PATCH This Month

CoreDNS versions prior to 1.14.2 allow authenticated attackers to bypass DNS access controls through a Time-of-Check Time-of-Use race condition in the plugin execution chain, where the rewrite plugin processes requests after security plugins like ACL have already validated them. An attacker with network access can exploit this logical flaw to access DNS records that should be restricted by configured access control policies. No patch is currently available for affected deployments.

Coredns Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-69652 MEDIUM POC PATCH This Month

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. [CVSS 6.2 MEDIUM]

Memory Corruption Denial Of Service Binutils Red Hat Suse
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-30238 MEDIUM POC This Month

Reflected cross-site scripting in GroupOffice versions before 6.8.155, 25.0.88, and 26.0.10 allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious code through the Base64-encoded f parameter. The vulnerability exists in the external/index flow where user input is decoded and inserted into inline JavaScript without proper sanitization. Public exploit code exists for this vulnerability.

XSS Group Office
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-29038 MEDIUM POC PATCH This Month

Reflected XSS in changedetection.io versions prior to 0.54.4 allows unauthenticated remote attackers to inject malicious JavaScript through the /rss/tag/ endpoint via an unescaped tag_uuid parameter, enabling session hijacking or credential theft when victims visit crafted links. The vulnerability requires user interaction to trigger and affects the Flask-based application with public exploit code available. Users should upgrade to version 0.54.4 or later immediately.

Flask XSS Changedetection
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-30237 MEDIUM POC This Month

Reflected cross-site scripting in GroupOffice installer versions prior to 6.8.155, 25.0.88, and 26.0.10 allows unauthenticated attackers to inject arbitrary scripts through the license parameter in install/license.php. Public exploit code exists for this vulnerability, enabling attackers to execute malicious JavaScript in users' browsers with moderate impact to confidentiality and integrity. The vulnerability requires user interaction and affects the web-accessible installation endpoint.

PHP XSS Group Office
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-29789 CRITICAL Act Now

Missing authorization in Vito server management before 3.20.3. CVSS 9.9.

PHP Authentication Bypass Vito
NVD GitHub VulDB
CVSS 3.1
9.9
EPSS
0.1%
CVE-2026-2331 CRITICAL Act Now

Unauthenticated file read/write via AppEngine Fileaccess over HTTP.

Path Traversal Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-28514 CRITICAL Act Now

Auth bypass in Rocket.Chat before 7.8.6+. Multiple versions affected.

Authentication Bypass Rocket.Chat
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-2446 CRITICAL Act Now

Auth bypass in PowerPack for LearnDash WordPress plugin before 1.3.0.

WordPress Authentication Bypass
NVD WPScan
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-28710 CRITICAL Act Now

Improper authentication in Acronis Cyber Protect 17.

Linux Windows Information Disclosure Cyber Protect
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-30831 CRITICAL Act Now

Auth bypass in Rocket.Chat before 7.10.8+. Second auth bypass CVE.

Authentication Bypass Rocket.Chat
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-28795 CRITICAL PATCH Act Now

Path traversal in OpenChatBI before fix. PoC and patch available.

Path Traversal AI / ML Openchatbi
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-28785 CRITICAL PATCH Act Now

SQL injection in Ghostfolio before 2.244.0 via symbol validation bypass. Patch available.

RCE SQLi Ghostfolio
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-28438 CRITICAL PATCH Act Now

SQL injection in CocoIndex Doris connector before 0.3.34. Patch available.

SQLi AI / ML Cocoindex
NVD GitHub
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-30227 MEDIUM POC PATCH This Month

Mimekit versions up to 4.15.1 contains a vulnerability that allows attackers to embed \r\n into the SMTP envelope address local-part (when the local-part is a q (CVSS 5.3).

Command Injection Mimekit
NVD GitHub
CVSS 3.1
5.3
EPSS
1.7%
CVE-2025-69651 MEDIUM POC PATCH This Month

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. [CVSS 5.5 MEDIUM]

Memory Corruption Denial Of Service Binutils Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-2330 CRITICAL Act Now

Filesystem access via CROWN REST interface on industrial device. EPSS 0.25%.

Path Traversal Information Disclosure
NVD
CVSS 3.1
9.4
EPSS
0.2%
CVE-2026-30224 MEDIUM POC PATCH This Month

OliveTin prior to version 3000.11.1 fails to invalidate server-side sessions upon user logout, allowing attackers with a stolen session cookie to maintain authenticated access even after the legitimate user logs out. The vulnerability persists because browser cookies are cleared while the corresponding server session remains valid for approximately one year by default. Public exploit code exists for this session management bypass.

Authentication Bypass Olivetin Suse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-26051 CRITICAL Act Now

WebSocket auth bypass — same industrial platform family.

Privilege Escalation Authentication Bypass E Mobility
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-22552 CRITICAL Act Now

Unauthenticated remote attackers can impersonate electric vehicle charging stations in ePower.ie by connecting to exposed OCPP WebSocket endpoints without credentials. Using any known or guessed charging station identifier, attackers gain full control to issue fraudulent charging commands, manipulate billing data, and corrupt network telemetry sent to backend systems. CISA ICS-CERT published an advisory (ICSA-26-062-07) indicating industrial control system exposure. EPSS score of 0.12% (31st percentile) suggests low automated exploitation probability despite 9.3 CVSS, though the authentication bypass affects critical electric vehicle charging infrastructure.

Privilege Escalation Authentication Bypass Epower Ie
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-26288 CRITICAL Act Now

Unauthenticated remote attackers can impersonate electric vehicle charging stations in Everon's api.everon.io platform via unprotected OCPP WebSocket endpoints. By connecting with a known or discovered station identifier, attackers gain full control to issue OCPP commands as legitimate chargers, manipulate charging session data, escalate privileges within the charging network infrastructure, and corrupt backend telemetry. CISA ICS-CERT reports this vulnerability affecting critical EV charging infrastructure. Despite 9.3 CVSS score indicating critical severity, EPSS score of 0.09% (25th percentile) suggests exploitation requires specialized knowledge of OCPP protocol and charging network architecture rather than mass automated scanning.

Privilege Escalation Authentication Bypass Api Everon Io
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-30225 MEDIUM POC PATCH This Month

OliveTin versions prior to 3000.11.1 contain an authentication bypass in RestartAction that allows authenticated users to execute shell commands beyond their assigned permissions. The vulnerability stems from improper request context handling that causes the system to fall back to guest user privileges, which may have broader access than the authenticated caller. Public exploit code exists for this medium-severity flaw that enables privilege escalation and unauthorized command execution.

Privilege Escalation Olivetin Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2018-25168 MEDIUM POC This Month

Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. [CVSS 4.3 MEDIUM]

CSRF File Upload
NVD Exploit-DB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2018-25200 MEDIUM POC This Month

OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by crafting malicious POST requests. [CVSS 5.3 MEDIUM]

PHP CSRF Php Oop Cms Blog
NVD Exploit-DB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-28680 CRITICAL PATCH Act Now

SSRF in Ghostfolio wealth management before 2.245.0. Patch available.

SSRF Ghostfolio
NVD GitHub
CVSS 3.1
9.3
EPSS
0.0%
CVE-2018-25190 MEDIUM POC This Month

Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative accounts by submitting forged POST requests. [CVSS 5.3 MEDIUM]

PHP CSRF
NVD Exploit-DB VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2018-25186 MEDIUM POC This Month

Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. [CVSS 5.3 MEDIUM]

CSRF
NVD Exploit-DB VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-28497 CRITICAL Act Now

Integer overflow in TinyWeb before 2.03.

Integer Overflow Authentication Bypass Tinyweb
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-59543 CRITICAL Act Now

Second stored XSS in Chamilo LMS before 1.11.34.

XSS Chamilo Lms
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2025-59542 CRITICAL Act Now

Stored XSS in Chamilo LMS before 1.11.34.

XSS Chamilo Lms
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2026-28502 HIGH This Week

Unauthenticated administrators in WWBN AVideo versions before 24.0 can achieve remote code execution by uploading malicious ZIP files through the plugin upload functionality, which extracts files without proper validation into web-accessible directories. This allows attackers to execute arbitrary PHP code on the server with high impact to confidentiality, integrity, and availability. No patch is currently available for affected PHP installations using vulnerable AVideo versions.

PHP RCE File Upload Avideo
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2026-29041 HIGH This Week

Authenticated arbitrary code execution in Chamilo LMS versions prior to 1.11.34 allows low-privileged users to bypass file upload restrictions through MIME-type spoofing and execute malicious commands on the server. The vulnerability stems from insufficient validation of file extensions and improper storage restrictions, enabling attackers to upload and execute arbitrary files. No patch is currently available for affected deployments.

RCE Chamilo Lms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-28676 HIGH This Week

OpenShift versions prior to 1.6.3-alpha contain a path traversal vulnerability in multiple storage helpers that fail to properly validate directory boundaries, allowing authenticated attackers to read, write, or delete arbitrary files on the system. An attacker with valid credentials can exploit insufficient path sanitization to escape the intended base directory and access sensitive data or modify system files. No patch is currently available for affected versions.

Path Traversal Opensift
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-55289 HIGH This Week

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored XSS vulnerability in Chamilo LMS (Verison 1.11.32) allows an attacker to inject arbitrary JavaScript into the platform’s social network and internal messaging features. [CVSS 8.8 HIGH]

XSS Chamilo Lms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-29089 HIGH This Week

Arbitrary code execution in TimescaleDB 2.23.0 through 2.25.1 allows local authenticated users to execute malicious functions by shadowing built-in PostgreSQL functions through user-writable schemas in the search_path setting during extension upgrades. An attacker with database access can create malicious functions in writable schemas that are invoked instead of legitimate PostgreSQL functions, resulting in code execution with database privileges. No patch is currently available for affected installations.

PostgreSQL RCE Timescaledb Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20882 HIGH This Week

Unrestricted authentication requests in the WebSocket API enable attackers to launch denial-of-service attacks against charger telemetry systems or execute brute-force attacks to gain unauthorized access. The vulnerability affects systems relying on this API without rate-limiting controls, and no patch is currently available. An unauthenticated remote attacker can exploit this over the network with minimal complexity to disrupt service availability or compromise system access.

Authentication Bypass Mobiliti E Mobi Hu
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-27778 HIGH This Week

Denial-of-service and credential brute-forcing vulnerabilities in ePower.ie's WebSocket API allow remote unauthenticated attackers to disrupt electric vehicle charger operations or gain unauthorized system access. The API accepts unlimited authentication attempts without rate limiting (CWE-307), enabling attackers to suppress critical charger telemetry, mis-route charging station data, or systematically guess credentials. CISA ICS-CERT has published an advisory (ICSA-26-062-07) indicating industrial control system impact. EPSS score of 0.07% (21st percentile) suggests low automated exploitation probability, and no active exploitation or public POC is identified at time of analysis.

Authentication Bypass Epower Ie
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy