Skip to main content
CVE-2018-25351 HIGH POC This Week

Joomla!. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ek Rishta
NVD Exploit-DB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2018-25348 HIGH POC This Week

Joomla!. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ek Rishta
NVD Exploit-DB
CVSS 4.0
8.8
EPSS
0.1%
CVE-2018-25342 HIGH POC This Week

Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2018-25341 HIGH POC This Week

Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2018-25340 HIGH POC This Week

Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD Exploit-DB GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2018-25358 HIGH POC This Week

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2018-25353 HIGH POC This Week

Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Authentication Bypass Redaxo Cms Mediapool
NVD Exploit-DB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2018-25356 HIGH POC This Week

SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Suse
NVD Exploit-DB GitHub
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25355 HIGH POC This Week

Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Audiograbber
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25345 HIGH POC This Week

10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Network Scanner
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25344 HIGH POC This Week

10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Stack Overflow Network Inventory Explorer
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-9295 HIGH POC This Week

Buffer overflow in the Edimax BR-6428NS 1.10 router's web management interface allows authenticated remote attackers to corrupt memory by submitting a crafted vapurl parameter to the formWirelessTbl POST handler at /goform/formWirelessTbl. Publicly available exploit code exists (released via VulDB and a Notion writeup), and the vendor has not responded to coordinated disclosure attempts. The flaw is not currently listed in CISA KEV, but the combination of public PoC, low attack complexity, and an unpatched/unresponsive vendor makes this a tangible risk for any exposed device.

Buffer Overflow Br 6428Ns
NVD VulDB
CVSS 4.0
7.4
EPSS
0.0%
CVE-2026-9294 HIGH POC This Week

Stack buffer overflow in the Edimax BR-6428NS 1.10 wireless router allows authenticated remote attackers to corrupt memory by sending an overlong pppUserName parameter to the /goform/formWanTcpipSetup endpoint. Publicly available exploit code exists, and the vendor failed to respond to the coordinated disclosure attempt, leaving devices without an official fix. With a CVSS of 8.8 and full CIA impact, successful exploitation can result in arbitrary code execution or device takeover on the embedded router.

Buffer Overflow Br 6428Ns
NVD VulDB
CVSS 4.0
7.4
EPSS
0.0%
CVE-2018-25346 HIGH POC This Week

WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2018-25352 HIGH POC This Week

WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi WordPress
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2018-25347 HIGH POC This Week

WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress
NVD Exploit-DB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-6419 HIGH This Week

Privilege escalation in the WishList Member WordPress plugin (versions through 3.30.1) allows authenticated subscriber-level attackers to extract the plugin's plaintext REST API Secret Key and use it to create administrator accounts, resulting in full site takeover. The flaw is reachable via a single AJAX call (ajax_get_screen) that lacks capability and nonce checks. No public exploit identified at time of analysis, but the attack path is fully described in the Wordfence advisory and requires only low-privileged authenticated access.

WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-6897 HIGH This Week

Privilege escalation in the Wishlist Member WordPress plugin (versions through 3.30.1) allows any authenticated user with Subscriber-level access or higher to update arbitrary plugin options, including the REST API Secret Key, leading to full site takeover. The flaw stems from a missing capability check in the Team_Accounts::save_settings function, and although no public exploit identified at time of analysis, the low authentication bar and chained admin-account creation path make it a high-priority risk on any WordPress site that permits public registration.

WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-6895 HIGH This Week

Privilege escalation in the WishList Member WordPress plugin versions up to 3.30.1 allows authenticated low-privilege users to obtain the REST API Secret Key via the unprotected 'export_settings' AJAX endpoint and leverage it to register arbitrary administrator accounts. The CVSS 8.8 (High) rating reflects full confidentiality, integrity, and availability impact, and while no public exploit is identified at time of analysis, the discovery by Wordfence - a major WordPress security vendor - typically precedes broader exploitation against the large WordPress plugin ecosystem.

WordPress Information Disclosure Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-6898 HIGH This Week

Privilege escalation in the Wishlist Member WordPress plugin (versions ≤3.30.1) allows authenticated Subscriber-level users to overwrite the plugin's REST API Secret Key and abuse it to create administrator accounts, leading to full site takeover. The flaw stems from a missing capability check on the generate_api_key hook handler. No public exploit identified at time of analysis, though Wordfence has published a threat-intel advisory.

WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-43503 HIGH PATCH This Week

Memory corruption and potential information disclosure in the Linux kernel networking stack (skbuff) occurs because skb_try_coalesce() fails to propagate the SKBFL_SHARED_FRAG marker when transferring paged fragments between socket buffers. The flaw breaks an invariant relied upon by IPsec ESP input processing, which may then decrypt data in-place over page-cache-backed fragments belonging to other contexts. No public exploit identified at time of analysis, EPSS sits at 0.02%, and the issue is patched across multiple stable trees.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-47125 HIGH PATCH GHSA This Week

{id}/templates/variables endpoint, which lacks the checkAdmin() guard applied to every other admin-sensitive handler. Because global variables are merged into every project's compose file at deploy time, an attacker can redirect image pulls to a malicious registry to achieve cross-tenant supply-chain code execution on the Docker host, steal credentials from other users' deployments, or break every project on the instance. No public exploit identified at time of analysis, but the GHSA advisory documents the exact vulnerable code path.

Authentication Bypass Docker
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-47138 HIGH PATCH GHSA This Week

Pre-authentication denial of service in Parse Server (versions <8.6.77 and 9.0.0 through 9.9.0) allows remote unauthenticated attackers who know a publicly-discoverable Parse Application ID to pin Node.js workers for seconds to minutes by sending a crafted X-Parse-Client-Version header or _ClientVersion JSON body field that triggers polynomial regex backtracking in the client SDK version parser. The parser runs before session authentication and rate limiting on every /parse/* request, so a handful of concurrent requests can saturate a worker fleet. No public exploit identified at time of analysis, EPSS sits at 0.16% (37th percentile), and the issue is not in CISA KEV.

Node.js Denial Of Service
NVD GitHub
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-9284 HIGH This Week

Unauthorized order manipulation and information disclosure in the WooCommerce PayPal Payments WordPress plugin (versions through 4.0.1) allows remote unauthenticated attackers to abuse two WC-AJAX endpoints (ppc-create-order and ppc-get-order) that lack authorization checks. By chaining these endpoints, an attacker can create a PayPal order against any victim's WooCommerce order ID and then retrieve full PayPal order details including payer information and shipping data. No public exploit identified at time of analysis, but the plugin's broad e-commerce deployment and trivial attack complexity make this a credible target.

WordPress Information Disclosure Authentication Bypass
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-46717 HIGH PATCH GHSA This Week

Server-side request forgery in Nezha Monitoring dashboard (versions >=1.4.0, <1.14.15-0.20260517022419-d06d539d34c1) allows authenticated low-privilege RoleMember accounts to issue arbitrary HTTP requests to intranet targets via the POST /api/v1/notification and PATCH /api/v1/notification/:id endpoints, with full unbounded response bodies reflected back through error messages. Publicly available exploit code exists in the GHSA advisory, though EPSS is 0.03% (9th percentile) suggesting low mass-exploitation likelihood against this niche server-monitoring tool. Root cause is a missing adminHandler authorization gate combined with a notification webhook tester that ignores private/loopback CIDRs and lacks an io.LimitReader.

Authentication Bypass SSRF
NVD GitHub VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-47120 HIGH PATCH GHSA This Week

Privilege escalation in Nezha Monitoring (>= 1.4.0, < 1.14.15-0.20260517022419-d7526351cf97) lets an authenticated RoleMember invoke arbitrary cron tasks owned by other users - including admins - by referencing their task IDs in an alert rule's FailTriggerTasks/RecoverTriggerTasks fields. When the attacker's alert trips, the admin's cron command fans out to every connected agent, yielding cross-tenant command execution across the entire monitored fleet. EPSS is very low (0.04%), no public exploit identified at time of analysis beyond the PoC embedded in the GHSA advisory, and the vendor has shipped a patched commit.

Authentication Bypass
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy