Skip to main content

PHP

24729 CVEs product

Monthly

CVE-2026-3164 MEDIUM POC This Month

SQL injection in the News Portal Project 1.0 /admin/contactus.php endpoint allows unauthenticated remote attackers to manipulate the pagetitle parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable data theft, modification, or denial of service against affected installations.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3153 MEDIUM POC This Month

SQL injection in itsourcecode Document Management System 1.0 via the Username parameter in /register.php allows unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face potential data theft, modification, and denial of service through successful exploitation.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3152 MEDIUM POC This Month

SQL injection in itsourcecode College Management System 1.0 via the teacher_id parameter in /admin/teacher-salary.php enables unauthenticated remote attackers to execute arbitrary database queries and manipulate sensitive payroll data. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects confidentiality, integrity, and availability of the system.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3151 MEDIUM POC This Month

SQL injection in itsourcecode College Management System 1.0's login functionality allows remote attackers to manipulate the email parameter and execute arbitrary SQL queries without authentication. Public exploit code exists for this vulnerability, enabling immediate attack capability against unpatched systems. The flaw permits data disclosure, modification, and potential service disruption with a CVSS score of 7.3.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3150 LOW POC Monitor

SQL injection in itsourcecode College Management System 1.0's teacher management interface allows authenticated attackers to manipulate the teacher_id parameter in /admin/display-teacher.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling remote exploitation by users with administrative access. The vulnerability remains unpatched and carries medium severity with potential for data confidentiality, integrity, and availability compromise.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3149 LOW POC Monitor

College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3148 MEDIUM POC This Month

Simple And Nice Shopping Cart Script versions up to 1.0 contains a security vulnerability (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27747 HIGH PATCH This Week

SQL injection in the SPIP interface_traduction_objets plugin before version 2.2.2 allows authenticated editors to execute arbitrary database queries through unsanitized input in translation request parameters. Attackers can exploit this to read, modify, or delete database contents, or cause denial of service. A patch is available and should be applied immediately to affected installations.

PHP SQLi Denial Of Service Interface Traduction Objets
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-27636 HIGH POC PATCH Act Now

Remote code execution in FreeScout prior to version 1.8.206 allows authenticated users to upload `.htaccess` files that bypass file upload restrictions, enabling arbitrary code execution on Apache servers with `AllowOverride All` enabled. Public exploit code exists for this vulnerability. The attack requires valid user credentials but affects all FreeScout installations using the vulnerable PHP Laravel framework configuration.

Apache PHP Laravel RCE Freescout
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-27632 LOW POC Monitor

Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery (CSRF) protections on critical state-changing endpoints, specifically within `SubmitChat.php` and other game interaction handlers. [CVSS 2.6 LOW]

PHP CSRF
NVD GitHub
CVSS 3.1
2.6
EPSS
0.0%
CVE-2026-25131 HIGH POC PATCH This Week

OpenEMR versions prior to 8.0.0 contain a broken access control flaw in the order types management system that allows low-privilege users (such as receptionists) to create and modify procedure types without proper authorization. Public exploit code exists for this vulnerability, which has a CVSS score of 8.8 and could enable unauthorized users to manipulate critical medical procedure data. The vulnerability has been patched in version 8.0.0 and later.

PHP Openemr
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25124 MEDIUM POC PATCH This Month

OpenEMR prior to version 8.0.0 allows low-privileged users to export sensitive patient and medical data through the message_list.php report functionality due to missing access controls. The vulnerability affects receptionists and similar roles who can bypass authorization checks to extract entire message databases containing confidential information. Public exploit code exists for this issue, though a patch is available in version 8.0.0 and later.

PHP CSRF Openemr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24896 MEDIUM POC PATCH This Month

OpenEMR versions before 8.0.0 contain an improper access control flaw in the edih_main.php endpoint that allows any authenticated user, including low-privilege accounts like Receptionists, to retrieve sensitive EDI log files by manipulating the log_select parameter. The vulnerability bypasses role-based access controls that should restrict access through the GUI, enabling unauthorized disclosure of system logs. Public exploit code exists for this issue, which is fixed in version 8.0.0.

PHP Openemr
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24849 CRITICAL POC PATCH Act Now

Path traversal in OpenEMR electronic health records before fix allows authenticated users to read arbitrary files on the server, potentially exposing patient health data. PoC and patch available.

PHP Openemr
NVD GitHub Exploit-DB VulDB
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-3135 MEDIUM POC This Month

SQL injection in itsourcecode News Portal Project 1.0 via the Category parameter in /admin/add-category.php allows unauthenticated remote attackers to manipulate database queries. Public exploit code is available for this vulnerability, and no patch has been released, leaving affected installations vulnerable to data exfiltration, modification, or deletion. The attack requires no user interaction and can be executed over the network with a CVSS score of 7.3.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3134 MEDIUM POC This Month

SQL injection in itsourcecode News Portal Project 1.0's category editing functionality allows unauthenticated remote attackers to manipulate the Category parameter and execute arbitrary SQL queries. Public exploit code is available for this vulnerability, increasing the likelihood of active exploitation. Currently, no patch is available to remediate this issue.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3133 MEDIUM POC This Month

SQL injection in itsourcecode Document Management System 1.0 login functionality allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires only network access with no user interaction, enabling attackers to potentially read, modify, or delete sensitive data within the application.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-26351 MEDIUM This Month

Stored XSS in GetSimpleCMS Community Edition 3.3.16 allows authenticated administrators to inject malicious JavaScript through the component slug field, which persists in XML storage and executes when other users access the Components page. An attacker with admin privileges can exploit this to hijack sessions, perform unauthorized administrative actions, and persistently compromise the CMS interface for all authenticated users. The vulnerability affects PHP-based GetSimpleCMS installations and currently has no available patch.

PHP XSS Getsimple Cms
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-62512 MEDIUM POC This Month

Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlier 15.x releases, the password reset functionality in Piwigo allows an unauthenticated attacker to determine whether a given username or email address exists in the system. [CVSS 5.3 MEDIUM]

PHP Golang Piwigo
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-27590 Go CRITICAL POC PATCH Act Now

FastCGI path splitting vulnerability in Caddy before 2.11.1 allows request smuggling or path confusion when proxying to FastCGI backends (PHP-FPM). EPSS 0.19% with PoC available.

PHP TLS RCE Caddy Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-27732 PHP HIGH PATCH This Week

Server-side request forgery in AVideo prior to version 22.0 allows authenticated users to make arbitrary outbound requests from the affected server via an unvalidated downloadURL parameter in the aVideoEncoder.json.php endpoint. An attacker can exploit this to probe internal network services, access metadata endpoints, and retrieve sensitive data, potentially leading to further system compromise. This affects PHP deployments running vulnerable AVideo versions.

PHP SSRF Avideo
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-14577 CRITICAL Act Now

PHP function injection in Slican NCP/IPL/IPM/IPU VOIP devices allows unauthenticated remote attackers to execute arbitrary PHP functions. Network telecommunications equipment vulnerability.

PHP Ipu 14 Firmware Ipm 032 Firmware Ipl 256 Firmware Ncp Firmware
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-15589 LOW POC Monitor

A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. [CVSS 3.8 LOW]

PHP Path Traversal
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-15386 HIGH This Week

The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved. [CVSS 8.8 HIGH]

WordPress PHP
NVD WPScan
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3070 LOW POC Monitor

Reflected XSS in SourceCodester Modern Image Gallery App 1.0 allows unauthenticated remote attackers to inject malicious scripts through the filename parameter in upload.php. Public exploit code exists for this vulnerability, though it requires user interaction to succeed. No patch is currently available.

PHP XSS File Upload
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3069 MEDIUM POC This Month

SQL injection in itsourcecode Document Management System 1.0 via the field1 parameter in /edtlbls.php enables unauthenticated remote attackers to compromise data confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network with minimal complexity.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3068 MEDIUM POC This Month

Document Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3057 LOW POC Monitor

SQL injection in PearProjectApi up to version 2.8.10 allows authenticated attackers to execute arbitrary SQL queries through the projectCode parameter in the dateTotalForProject function. Public exploit code exists for this vulnerability, enabling remote attacks with potential to read, modify, or delete database contents. The vendor has not released a patch despite early notification.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3046 MEDIUM POC This Month

E-Logbook With Health Monitoring System For Covid-19 versions up to 1.0 contains a security vulnerability (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3043 LOW POC Monitor

Reflected cross-site scripting in itsourcecode Event Management System 1.0 allows unauthenticated remote attackers to inject malicious scripts via the page parameter in /admin/navbar.php. Public exploit code exists for this vulnerability, enabling attackers to steal session tokens or perform actions on behalf of administrators. No patch is currently available.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-3042 MEDIUM POC This Month

SQL injection in itsourcecode Event Management System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /admin/index.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can leverage this to access, modify, or delete sensitive data with confidentiality, integrity, and availability impact.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-23694 This Week

Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery (CSRF) vulnerability affecting multiple administrative AJAX actions.

WordPress PHP CSRF
NVD
EPSS
0.0%
CVE-2026-26464 MEDIUM POC This Month

Society Management System Portal versions up to 1.0 is affected by cross-site scripting (xss) (CVSS 6.1).

PHP XSS Society Management System Portal
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-2984 MEDIUM POC This Month

Student Result Management System versions up to 1.0 is affected by improper resource shutdown or release (CVSS 6.5).

PHP Denial Of Service
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-40986 This Week

Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the endpoint 'cookies/indes.php/<XSS>'.

PHP XSS
NVD
EPSS
0.0%
CVE-2026-2983 MEDIUM POC This Month

SourceCodester Student Result Management System 1.0 contains improper access controls in the bulk user import functionality that allows unauthenticated remote attackers to manipulate file parameters and gain unauthorized access. Public exploit code exists for this vulnerability, though no patch is currently available. The attack requires no user interaction and can be exploited over the network with basic complexity.

PHP Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-41002 This Week

SQL injection vulnerability in Infoticketing. This vulnerability allows an unauthenticated attacker to retrieve, create, update, and delete the database by sending a POST request using the 'code' parameter in '/components/cart/cartApplyDiscount.php'.

PHP SQLi
NVD
EPSS
0.1%
CVE-2026-2952 MEDIUM POC This Month

Remote code execution in Vaelsys 4.1.0 allows unauthenticated attackers to execute arbitrary OS commands via malicious xajaxargs parameters sent to the /tree/tree_server.php endpoint. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. This network-accessible flaw poses immediate risk to exposed Vaelsys installations.

PHP Command Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.3%
CVE-2019-25452 HIGH POC This Week

Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. [CVSS 7.5 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2019-25450 HIGH POC This Week

Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. [CVSS 7.5 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25446 HIGH POC This Week

DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2019-25443 HIGH POC This Week

Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2019-25440 HIGH POC This Week

WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2019-25433 HIGH POC This Week

XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2019-25391 HIGH POC This Week

Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-2944 MEDIUM POC This Month

Remote code execution in Tosei Online Store Management System 1.01 allows unauthenticated attackers to execute arbitrary OS commands through the DevId parameter in /cgi-bin/monitor.php. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. The attack requires no user interaction and is exploitable over the network.

PHP Command Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-2943 LOW Monitor

Cross-site scripting in SapneshNaik Student Management System allows remote attackers to inject malicious scripts through the Error parameter in index.php, with public exploit code available. The vulnerability requires user interaction to trigger and has a low CVSS score of 4.3, but no patch is currently available from the unresponsive vendor.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-2938 MEDIUM POC This Month

Improper access control in SourceCodester Student Result Management System 1.0 allows unauthenticated remote attackers to manipulate the SMTP configuration through the update_smtp.php endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations running vulnerable PHP-based installations face potential compromise of email settings and system integrity.

PHP Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2934 LOW POC Monitor

A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/D_friendLinkGroup.php of the component Extended Management Module. [CVSS 2.4 LOW]

PHP XSS
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-2933 LOW POC Monitor

A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/D_adManage.php of the component Extended Management Module. [CVSS 2.4 LOW]

PHP XSS
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-2932 LOW POC Monitor

A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/D_adPosition.php of the component Extended Management Module. [CVSS 2.4 LOW]

PHP XSS
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-2912 MEDIUM POC This Month

SQL injection in Online Reviewer System 1.0 allows unauthenticated remote attackers to manipulate the test_id parameter in the student results view functionality, enabling unauthorized database access and potential data modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2898 PHP LOW POC Monitor

Funadmin up to version 7.1.0-rc4 contains an unsafe deserialization vulnerability in the AuthCloudService.php getMember function that allows authenticated remote attackers to manipulate the cloud_account parameter and execute arbitrary code. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

PHP Deserialization
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-2896 PHP MEDIUM POC This Month

Funadmin versions up to 7.1.0 contains a vulnerability that allows attackers to improper authorization (CVSS 7.3).

PHP Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2895 PHP LOW POC Monitor

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forget_code/vercode results in weak password recovery. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about...

PHP Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2026-2867 MEDIUM This Month

Vehicle Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-14339 MEDIUM This Month

The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Automation plugin for WordPress is vulnerable to unauthorized form deletion in all versions up to, and including, 2.0.7. [CVSS 6.5 MEDIUM]

WordPress PHP
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-2865 MEDIUM POC This Month

SQL injection in the Agri Trading Online Shopping System 1.0 admin panel allows unauthenticated remote attackers to manipulate product parameters and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the HTTP POST request handler in admin/productcontroller.php and enables data exfiltration, modification, and potential denial of service.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27470 HIGH POC This Week

SQL injection in ZoneMinder's status.php getNearEvents() function allows authenticated users with event management permissions to execute arbitrary database queries through improperly sanitized Event Name and Cause fields in versions 1.36.37 and below or 1.37.61 through 1.38.0. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker could extract sensitive data, modify database contents, or potentially achieve code execution depending on database permissions and configuration.

PHP SQLi Zoneminder
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-27206 PHP HIGH PATCH This Week

Zumba Json Serializer versions 3.2.2 and below allow unrestricted PHP object instantiation during JSON deserialization, enabling attackers to trigger arbitrary class constructors and magic methods via malicious @type fields. When processing untrusted JSON input, this vulnerability can lead to PHP Object Injection and remote code execution if vulnerable gadget chains are present in the application or its dependencies. The vulnerability affects applications using affected PHP serialization libraries and currently lacks a patched version.

PHP RCE Deserialization
NVD GitHub
CVSS 3.1
8.1
EPSS
0.4%
CVE-2026-2035 MEDIUM This Month

Remote code execution in Deciso OPNsense's backup functionality allows authenticated network-adjacent attackers to execute arbitrary commands with root privileges through insufficient input validation in the diag_backup.php file. An attacker with valid credentials can inject malicious commands into backup filename parameters to achieve code execution on the affected system. No patch is currently available for this vulnerability.

PHP RCE Command Injection
NVD GitHub
CVSS 3.0
6.8
EPSS
0.2%
CVE-2019-25454 MEDIUM POC This Month

phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. [CVSS 6.1 MEDIUM]

PHP XSS Phpmoadmin
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2019-25453 MEDIUM POC This Month

phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. [CVSS 6.1 MEDIUM]

PHP XSS Phpmoadmin
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2019-25451 HIGH POC This Week

phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. [CVSS 8.8 HIGH]

PHP CSRF Phpmoadmin
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2019-25438 HIGH POC This Week

LabCollector 5.423 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through POST parameters. [CVSS 7.5 HIGH]

PHP SQLi Labcollector
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2018-25158 HIGH POC This Week

Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. [CVSS 8.8 HIGH]

PHP
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-24892 HIGH POC PATCH This Week

Unsafe PHP deserialization in openITCOCKPIT Community Edition 5.3.1 and earlier allows authenticated attackers to inject malicious serialized objects through changelog entries, with public exploit code available. While no current attack path has been identified, an unrestricted unserialize() call creates a latent remote code execution vulnerability that could be exploited if future code changes introduce exploitable object types into the deserialization path. Authenticated access is required, but the HIGH severity rating reflects the potential for complete system compromise if this latent flaw is activated.

PHP Prometheus RCE Deserialization Openitcockpit
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2019-25445 MEDIUM POC This Month

Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the keyword parameter. [CVSS 6.1 MEDIUM]

PHP XSS Fiverr Clone Script
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-24891 HIGH POC This Week

Remote code execution in openITCOCKPIT 5.3.1 and earlier via unsafe deserialization in the Gearman worker component, which calls unserialize() on untrusted job payloads without validation or class restrictions. Attackers can exploit this by submitting crafted serialized objects to trigger PHP Object Injection when Gearman is exposed to untrusted networks. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP Prometheus Deserialization Openitcockpit
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-2848 MEDIUM POC This Month

SQL injection in SourceCodester Simple Responsive Tourism Website 1.0 allows unauthenticated remote attackers to manipulate the Username parameter during registration, potentially enabling data exfiltration, modification, or denial of service. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27506 MEDIUM This Month

SVXportal 2.5 and earlier allows authenticated users to inject malicious scripts into user profile fields (firstname, lastname, email, image_url) that execute in administrators' browsers when viewing user management pages. An attacker with a valid account can exploit this stored XSS vulnerability to perform administrative actions or steal session credentials by targeting users with higher privileges. No patch is currently available for this vulnerability.

PHP XSS Svxportal
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-27505 MEDIUM This Month

SVXportal version 2.5 and earlier allow unauthenticated attackers to perform stored cross-site scripting attacks through the user registration form, where unencoded user inputs are persisted and executed in administrator browsers. An attacker can inject malicious JavaScript via registration fields like firstname, lastname, or email that will trigger when administrators access the users management interface. No patch is currently available for this vulnerability.

PHP XSS Svxportal
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-27504 MEDIUM This Month

SVXportal 2.5 and earlier allows authenticated attackers to inject arbitrary scripts through an unsanitized stationid parameter in radiomobile_front.php, which executes in an administrator's browser context when they visit a crafted URL. This reflected XSS vulnerability enables attackers to hijack admin sessions or execute unauthorized actions with administrative privileges. No patch is currently available.

PHP XSS Svxportal
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-27503 MEDIUM This Month

Reflected XSS in SVXportal 2.5 and earlier allows attackers to inject malicious JavaScript through the search parameter in admin/log.php, which executes in administrators' browsers when they visit a crafted URL. An authenticated attacker could exploit this to steal admin sessions, forge administrative actions, or perform other browser-based attacks with elevated privileges. No patch is currently available.

PHP XSS Svxportal
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-27502 MEDIUM This Month

Reflected XSS in SVXportal 2.5 and earlier allows unauthenticated attackers to inject malicious JavaScript through an unsanitized search parameter in log.php, enabling session hijacking or unauthorized actions when victims click a crafted link. The vulnerability requires user interaction but has no authentication requirement and affects all users of the vulnerable versions.

PHP XSS Svxportal
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-26747 CRITICAL POC Act Now

Host Header Poisoning in Monica 4.1.2 CRM. PoC available.

PHP Monica
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-26746 HIGH POC This Week

Open Source Point Of Sale versions up to 3.4.1 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE LFI Open Source Point Of Sale
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-70833 CRITICAL Act Now

Auth bypass in Smanga 3.2.7 allows unauthenticated password reset for any user including admin.

PHP Authentication Bypass Smanga
NVD GitHub
CVSS 3.1
9.4
EPSS
0.1%
CVE-2025-15583 LOW POC Monitor

A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file utility/function.php. [CVSS 3.5 LOW]

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-22381 HIGH This Week

Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends is affected by php remote file inclusion (CVSS 8.1).

WordPress PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22380 HIGH This Week

Local file inclusion in AncoraThemes Unlimhost through version 1.2.3 allows unauthenticated attackers to read arbitrary files from the server via improper handling of include/require statements. The vulnerability carries high confidentiality and integrity impact, enabling attackers to potentially access sensitive configuration files or execute code through log poisoning techniques. No patch is currently available for this issue.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22379 HIGH This Week

AncoraThemes Netmix versions 1.0.10 and earlier contain a local file inclusion vulnerability in PHP file handling that allows unauthenticated remote attackers to read sensitive files from the affected system. The vulnerability stems from improper validation of filenames in include/require statements, enabling attackers to traverse directories and access arbitrary files on the server. No patch is currently available for this high-severity issue (CVSS 8.1).

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22378 HIGH This Week

Blabber through version 1.7.0 contains a local file inclusion vulnerability in its PHP code that allows unauthenticated attackers to read arbitrary files from the server. An attacker can exploit improper filename validation in include/require statements to access sensitive system files without authentication. No patch is currently available for this high-severity vulnerability affecting PHP environments.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22377 HIGH This Week

Local file inclusion in AncoraThemes Saveo through version 1.1.2 enables unauthenticated attackers to read arbitrary files on affected servers through improper input validation on file inclusion functions. The vulnerability carries high severity with complete confidentiality and integrity impacts, though no patch is currently available.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22376 HIGH This Week

AncoraThemes Parkivia through version 1.1.9 contains a local file inclusion vulnerability in its PHP include/require handling that allows unauthenticated remote attackers to read arbitrary files from the server. The vulnerability exploits improper filename control mechanisms to access sensitive system files without authentication. No patch is currently available, and exploitation requires moderate attack complexity but results in high confidentiality, integrity, and availability impact.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22375 HIGH This Week

AncoraThemes Impacto Patronus through version 1.2.3 contains a local file inclusion vulnerability in its PHP include/require handling that allows attackers to read arbitrary files on the server. An unauthenticated remote attacker can exploit this vulnerability to access sensitive configuration files, credentials, and other protected data without authentication. No patch is currently available for this vulnerability.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22374 HIGH This Week

AncoraThemes Zio Alberto through version 1.2.2 contains a local file inclusion vulnerability in its PHP file handling that allows unauthenticated attackers to read arbitrary files from the server. The vulnerability stems from improper validation of file paths in include/require statements, enabling attackers to traverse the filesystem and access sensitive data. No patch is currently available for this issue.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22373 HIGH This Week

PHP Local File Inclusion in AncoraThemes Fooddy through version 1.3.10 enables attackers to read arbitrary files on the server through improper input validation in file inclusion mechanisms. An unauthenticated remote attacker can exploit this vulnerability over the network to access sensitive files and potentially execute arbitrary code, achieving high impact on confidentiality, integrity, and availability. No patch is currently available for this vulnerability.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22372 HIGH This Week

AncoraThemes Isida through version 1.4.2 contains a local file inclusion vulnerability in its PHP file handling that allows unauthenticated attackers to read arbitrary files from the server. The flaw stems from improper validation of include/require statements, enabling attackers to access sensitive files and potentially execute arbitrary code. No patch is currently available, and exploitation requires moderate complexity conditions.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-22371 HIGH This Week

AncoraThemes Gustavo plugin version 1.2.2 and earlier contains a local file inclusion vulnerability in its PHP file handling that allows unauthenticated remote attackers to read arbitrary files from the server. The vulnerability stems from improper validation of filenames in include/require statements, enabling attackers to traverse the filesystem and access sensitive data. With no available patch, affected sites running vulnerable versions face significant risk of information disclosure.

PHP LFI
NVD
CVSS 3.1
8.1
EPSS
0.2%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in the News Portal Project 1.0 /admin/contactus.php endpoint allows unauthenticated remote attackers to manipulate the pagetitle parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Successful exploitation could enable data theft, modification, or denial of service against affected installations.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode Document Management System 1.0 via the Username parameter in /register.php allows unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected systems face potential data theft, modification, and denial of service through successful exploitation.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode College Management System 1.0 via the teacher_id parameter in /admin/teacher-salary.php enables unauthenticated remote attackers to execute arbitrary database queries and manipulate sensitive payroll data. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects confidentiality, integrity, and availability of the system.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode College Management System 1.0's login functionality allows remote attackers to manipulate the email parameter and execute arbitrary SQL queries without authentication. Public exploit code exists for this vulnerability, enabling immediate attack capability against unpatched systems. The flaw permits data disclosure, modification, and potential service disruption with a CVSS score of 7.3.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in itsourcecode College Management System 1.0's teacher management interface allows authenticated attackers to manipulate the teacher_id parameter in /admin/display-teacher.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling remote exploitation by users with administrative access. The vulnerability remains unpatched and carries medium severity with potential for data confidentiality, integrity, and availability compromise.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

College Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 6.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Simple And Nice Shopping Cart Script versions up to 1.0 contains a security vulnerability (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

SQL injection in the SPIP interface_traduction_objets plugin before version 2.2.2 allows authenticated editors to execute arbitrary database queries through unsanitized input in translation request parameters. Attackers can exploit this to read, modify, or delete database contents, or cause denial of service. A patch is available and should be applied immediately to affected installations.

PHP SQLi Denial Of Service +1
NVD
EPSS 0% CVSS 8.8
HIGH POC PATCH Act Now

Remote code execution in FreeScout prior to version 1.8.206 allows authenticated users to upload `.htaccess` files that bypass file upload restrictions, enabling arbitrary code execution on Apache servers with `AllowOverride All` enabled. Public exploit code exists for this vulnerability. The attack requires valid user credentials but affects all FreeScout installations using the vulnerable PHP Laravel framework configuration.

Apache PHP Laravel +2
NVD GitHub
EPSS 0% CVSS 2.6
LOW POC Monitor

Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871a14c192d1fb8146cdbc76f29f27c1cf48, the Talishar application lacks Cross-Site Request Forgery (CSRF) protections on critical state-changing endpoints, specifically within `SubmitChat.php` and other game interaction handlers. [CVSS 2.6 LOW]

PHP CSRF
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

OpenEMR versions prior to 8.0.0 contain a broken access control flaw in the order types management system that allows low-privilege users (such as receptionists) to create and modify procedure types without proper authorization. Public exploit code exists for this vulnerability, which has a CVSS score of 8.8 and could enable unauthorized users to manipulate critical medical procedure data. The vulnerability has been patched in version 8.0.0 and later.

PHP Openemr
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

OpenEMR prior to version 8.0.0 allows low-privileged users to export sensitive patient and medical data through the message_list.php report functionality due to missing access controls. The vulnerability affects receptionists and similar roles who can bypass authorization checks to extract entire message databases containing confidential information. Public exploit code exists for this issue, though a patch is available in version 8.0.0 and later.

PHP CSRF Openemr
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

OpenEMR versions before 8.0.0 contain an improper access control flaw in the edih_main.php endpoint that allows any authenticated user, including low-privilege accounts like Receptionists, to retrieve sensitive EDI log files by manipulating the log_select parameter. The vulnerability bypasses role-based access controls that should restrict access through the GUI, enabling unauthorized disclosure of system logs. Public exploit code exists for this issue, which is fixed in version 8.0.0.

PHP Openemr
NVD GitHub
EPSS 0% CVSS 9.9
CRITICAL POC PATCH Act Now

Path traversal in OpenEMR electronic health records before fix allows authenticated users to read arbitrary files on the server, potentially exposing patient health data. PoC and patch available.

PHP Openemr
NVD GitHub Exploit-DB VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode News Portal Project 1.0 via the Category parameter in /admin/add-category.php allows unauthenticated remote attackers to manipulate database queries. Public exploit code is available for this vulnerability, and no patch has been released, leaving affected installations vulnerable to data exfiltration, modification, or deletion. The attack requires no user interaction and can be executed over the network with a CVSS score of 7.3.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode News Portal Project 1.0's category editing functionality allows unauthenticated remote attackers to manipulate the Category parameter and execute arbitrary SQL queries. Public exploit code is available for this vulnerability, increasing the likelihood of active exploitation. Currently, no patch is available to remediate this issue.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode Document Management System 1.0 login functionality allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires only network access with no user interaction, enabling attackers to potentially read, modify, or delete sensitive data within the application.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

Stored XSS in GetSimpleCMS Community Edition 3.3.16 allows authenticated administrators to inject malicious JavaScript through the component slug field, which persists in XML storage and executes when other users access the Components page. An attacker with admin privileges can exploit this to hijack sessions, perform unauthorized administrative actions, and persistently compromise the CMS interface for all authenticated users. The vulnerability affects PHP-based GetSimpleCMS installations and currently has no available patch.

PHP XSS Getsimple Cms
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC This Month

Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely earlier 15.x releases, the password reset functionality in Piwigo allows an unauthenticated attacker to determine whether a given username or email address exists in the system. [CVSS 5.3 MEDIUM]

PHP Golang Piwigo
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

FastCGI path splitting vulnerability in Caddy before 2.11.1 allows request smuggling or path confusion when proxying to FastCGI backends (PHP-FPM). EPSS 0.19% with PoC available.

PHP TLS RCE +2
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Server-side request forgery in AVideo prior to version 22.0 allows authenticated users to make arbitrary outbound requests from the affected server via an unvalidated downloadURL parameter in the aVideoEncoder.json.php endpoint. An attacker can exploit this to probe internal network services, access metadata endpoints, and retrieve sensitive data, potentially leading to further system compromise. This affects PHP deployments running vulnerable AVideo versions.

PHP SSRF Avideo
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

PHP function injection in Slican NCP/IPL/IPM/IPU VOIP devices allows unauthenticated remote attackers to execute arbitrary PHP functions. Network telecommunications equipment vulnerability.

PHP Ipu 14 Firmware Ipm 032 Firmware +2
NVD
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. [CVSS 3.8 LOW]

PHP Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved. [CVSS 8.8 HIGH]

WordPress PHP
NVD WPScan
EPSS 0% CVSS 2.1
LOW POC Monitor

Reflected XSS in SourceCodester Modern Image Gallery App 1.0 allows unauthenticated remote attackers to inject malicious scripts through the filename parameter in upload.php. Public exploit code exists for this vulnerability, though it requires user interaction to succeed. No patch is currently available.

PHP XSS File Upload
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode Document Management System 1.0 via the field1 parameter in /edtlbls.php enables unauthenticated remote attackers to compromise data confidentiality, integrity, and availability. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network with minimal complexity.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Document Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in PearProjectApi up to version 2.8.10 allows authenticated attackers to execute arbitrary SQL queries through the projectCode parameter in the dateTotalForProject function. Public exploit code exists for this vulnerability, enabling remote attacks with potential to read, modify, or delete database contents. The vendor has not released a patch despite early notification.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

E-Logbook With Health Monitoring System For Covid-19 versions up to 1.0 contains a security vulnerability (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

Reflected cross-site scripting in itsourcecode Event Management System 1.0 allows unauthenticated remote attackers to inject malicious scripts via the page parameter in /admin/navbar.php. Public exploit code exists for this vulnerability, enabling attackers to steal session tokens or perform actions on behalf of administrators. No patch is currently available.

PHP XSS
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in itsourcecode Event Management System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /admin/index.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can leverage this to access, modify, or delete sensitive data with confidentiality, integrity, and availability impact.

PHP SQLi
NVD GitHub VulDB
EPSS 0%
This Week

Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery (CSRF) vulnerability affecting multiple administrative AJAX actions.

WordPress PHP CSRF
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Society Management System Portal versions up to 1.0 is affected by cross-site scripting (xss) (CVSS 6.1).

PHP XSS Society Management System Portal
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Student Result Management System versions up to 1.0 is affected by improper resource shutdown or release (CVSS 6.5).

PHP Denial Of Service
NVD GitHub VulDB
EPSS 0%
This Week

Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL using the endpoint 'cookies/indes.php/<XSS>'.

PHP XSS
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SourceCodester Student Result Management System 1.0 contains improper access controls in the bulk user import functionality that allows unauthenticated remote attackers to manipulate file parameters and gain unauthorized access. Public exploit code exists for this vulnerability, though no patch is currently available. The attack requires no user interaction and can be exploited over the network with basic complexity.

PHP Information Disclosure
NVD GitHub VulDB
EPSS 0%
This Week

SQL injection vulnerability in Infoticketing. This vulnerability allows an unauthenticated attacker to retrieve, create, update, and delete the database by sending a POST request using the 'code' parameter in '/components/cart/cartApplyDiscount.php'.

PHP SQLi
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Remote code execution in Vaelsys 4.1.0 allows unauthenticated attackers to execute arbitrary OS commands via malicious xajaxargs parameters sent to the /tree/tree_server.php endpoint. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. This network-accessible flaw poses immediate risk to exposed Vaelsys installations.

PHP Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. [CVSS 7.5 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC This Week

Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. [CVSS 7.5 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

XOOPS CMS 2.5.9 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 8.2
HIGH POC This Week

Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. [CVSS 8.2 HIGH]

PHP SQLi
NVD Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Remote code execution in Tosei Online Store Management System 1.01 allows unauthenticated attackers to execute arbitrary OS commands through the DevId parameter in /cgi-bin/monitor.php. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. The attack requires no user interaction and is exploitable over the network.

PHP Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Cross-site scripting in SapneshNaik Student Management System allows remote attackers to inject malicious scripts through the Error parameter in index.php, with public exploit code available. The vulnerability requires user interaction to trigger and has a low CVSS score of 4.3, but no patch is currently available from the unresponsive vendor.

PHP XSS
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Improper access control in SourceCodester Student Result Management System 1.0 allows unauthenticated remote attackers to manipulate the SMTP configuration through the update_smtp.php endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations running vulnerable PHP-based installations face potential compromise of email settings and system integrity.

PHP Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/D_friendLinkGroup.php of the component Extended Management Module. [CVSS 2.4 LOW]

PHP XSS
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/D_adManage.php of the component Extended Management Module. [CVSS 2.4 LOW]

PHP XSS
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/D_adPosition.php of the component Extended Management Module. [CVSS 2.4 LOW]

PHP XSS
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in Online Reviewer System 1.0 allows unauthenticated remote attackers to manipulate the test_id parameter in the student results view functionality, enabling unauthorized database access and potential data modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 2.0
LOW POC Monitor

Funadmin up to version 7.1.0-rc4 contains an unsafe deserialization vulnerability in the AuthCloudService.php getMember function that allows authenticated remote attackers to manipulate the cloud_account parameter and execute arbitrary code. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.

PHP Deserialization
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Funadmin versions up to 7.1.0 contains a vulnerability that allows attackers to improper authorization (CVSS 7.3).

PHP Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW POC Monitor

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forget_code/vercode results in weak password recovery. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about...

PHP Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Vehicle Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Automation plugin for WordPress is vulnerable to unauthorized form deletion in all versions up to, and including, 2.0.7. [CVSS 6.5 MEDIUM]

WordPress PHP
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in the Agri Trading Online Shopping System 1.0 admin panel allows unauthenticated remote attackers to manipulate product parameters and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw affects the HTTP POST request handler in admin/productcontroller.php and enables data exfiltration, modification, and potential denial of service.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

SQL injection in ZoneMinder's status.php getNearEvents() function allows authenticated users with event management permissions to execute arbitrary database queries through improperly sanitized Event Name and Cause fields in versions 1.36.37 and below or 1.37.61 through 1.38.0. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker could extract sensitive data, modify database contents, or potentially achieve code execution depending on database permissions and configuration.

PHP SQLi Zoneminder
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Zumba Json Serializer versions 3.2.2 and below allow unrestricted PHP object instantiation during JSON deserialization, enabling attackers to trigger arbitrary class constructors and magic methods via malicious @type fields. When processing untrusted JSON input, this vulnerability can lead to PHP Object Injection and remote code execution if vulnerable gadget chains are present in the application or its dependencies. The vulnerability affects applications using affected PHP serialization libraries and currently lacks a patched version.

PHP RCE Deserialization
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Remote code execution in Deciso OPNsense's backup functionality allows authenticated network-adjacent attackers to execute arbitrary commands with root privileges through insufficient input validation in the diag_backup.php file. An attacker with valid credentials can inject malicious commands into backup filename parameters to achieve code execution on the affected system. No patch is currently available for this vulnerability.

PHP RCE Command Injection
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the collection parameter. [CVSS 6.1 MEDIUM]

PHP XSS Phpmoadmin
NVD Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM POC This Month

phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the newdb parameter. [CVSS 6.1 MEDIUM]

PHP XSS Phpmoadmin
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH POC This Week

phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. [CVSS 8.8 HIGH]

PHP CSRF Phpmoadmin
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC This Week

LabCollector 5.423 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through POST parameters. [CVSS 7.5 HIGH]

PHP SQLi Labcollector
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH POC This Week

Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. [CVSS 8.8 HIGH]

PHP
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Unsafe PHP deserialization in openITCOCKPIT Community Edition 5.3.1 and earlier allows authenticated attackers to inject malicious serialized objects through changelog entries, with public exploit code available. While no current attack path has been identified, an unrestricted unserialize() call creates a latent remote code execution vulnerability that could be exploited if future code changes introduce exploitable object types into the deserialization path. Authenticated access is required, but the HIGH severity rating reflects the potential for complete system compromise if this latent flaw is activated.

PHP Prometheus RCE +2
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the keyword parameter. [CVSS 6.1 MEDIUM]

PHP XSS Fiverr Clone Script
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC This Week

Remote code execution in openITCOCKPIT 5.3.1 and earlier via unsafe deserialization in the Gearman worker component, which calls unserialize() on untrusted job payloads without validation or class restrictions. Attackers can exploit this by submitting crafted serialized objects to trigger PHP Object Injection when Gearman is exposed to untrusted networks. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP Prometheus Deserialization +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in SourceCodester Simple Responsive Tourism Website 1.0 allows unauthenticated remote attackers to manipulate the Username parameter during registration, potentially enabling data exfiltration, modification, or denial of service. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

SVXportal 2.5 and earlier allows authenticated users to inject malicious scripts into user profile fields (firstname, lastname, email, image_url) that execute in administrators' browsers when viewing user management pages. An attacker with a valid account can exploit this stored XSS vulnerability to perform administrative actions or steal session credentials by targeting users with higher privileges. No patch is currently available for this vulnerability.

PHP XSS Svxportal
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

SVXportal version 2.5 and earlier allow unauthenticated attackers to perform stored cross-site scripting attacks through the user registration form, where unencoded user inputs are persisted and executed in administrator browsers. An attacker can inject malicious JavaScript via registration fields like firstname, lastname, or email that will trigger when administrators access the users management interface. No patch is currently available for this vulnerability.

PHP XSS Svxportal
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

SVXportal 2.5 and earlier allows authenticated attackers to inject arbitrary scripts through an unsanitized stationid parameter in radiomobile_front.php, which executes in an administrator's browser context when they visit a crafted URL. This reflected XSS vulnerability enables attackers to hijack admin sessions or execute unauthorized actions with administrative privileges. No patch is currently available.

PHP XSS Svxportal
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

Reflected XSS in SVXportal 2.5 and earlier allows attackers to inject malicious JavaScript through the search parameter in admin/log.php, which executes in administrators' browsers when they visit a crafted URL. An authenticated attacker could exploit this to steal admin sessions, forge administrative actions, or perform other browser-based attacks with elevated privileges. No patch is currently available.

PHP XSS Svxportal
NVD GitHub VulDB
EPSS 0% CVSS 5.1
MEDIUM This Month

Reflected XSS in SVXportal 2.5 and earlier allows unauthenticated attackers to inject malicious JavaScript through an unsanitized search parameter in log.php, enabling session hijacking or unauthorized actions when victims click a crafted link. The vulnerability requires user interaction but has no authentication requirement and affects all users of the vulnerable versions.

PHP XSS Svxportal
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL POC Act Now

Host Header Poisoning in Monica 4.1.2 CRM. PoC available.

PHP Monica
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Open Source Point Of Sale versions up to 3.4.1 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE LFI +1
NVD GitHub
EPSS 0% CVSS 9.4
CRITICAL Act Now

Auth bypass in Smanga 3.2.7 allows unauthenticated password reset for any user including admin.

PHP Authentication Bypass Smanga
NVD GitHub
EPSS 0% CVSS 2.0
LOW POC Monitor

A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file utility/function.php. [CVSS 3.5 LOW]

PHP XSS
NVD GitHub VulDB
EPSS 0% CVSS 8.1
HIGH This Week

Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends is affected by php remote file inclusion (CVSS 8.1).

WordPress PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Local file inclusion in AncoraThemes Unlimhost through version 1.2.3 allows unauthenticated attackers to read arbitrary files from the server via improper handling of include/require statements. The vulnerability carries high confidentiality and integrity impact, enabling attackers to potentially access sensitive configuration files or execute code through log poisoning techniques. No patch is currently available for this issue.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

AncoraThemes Netmix versions 1.0.10 and earlier contain a local file inclusion vulnerability in PHP file handling that allows unauthenticated remote attackers to read sensitive files from the affected system. The vulnerability stems from improper validation of filenames in include/require statements, enabling attackers to traverse directories and access arbitrary files on the server. No patch is currently available for this high-severity issue (CVSS 8.1).

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Blabber through version 1.7.0 contains a local file inclusion vulnerability in its PHP code that allows unauthenticated attackers to read arbitrary files from the server. An attacker can exploit improper filename validation in include/require statements to access sensitive system files without authentication. No patch is currently available for this high-severity vulnerability affecting PHP environments.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Local file inclusion in AncoraThemes Saveo through version 1.1.2 enables unauthenticated attackers to read arbitrary files on affected servers through improper input validation on file inclusion functions. The vulnerability carries high severity with complete confidentiality and integrity impacts, though no patch is currently available.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

AncoraThemes Parkivia through version 1.1.9 contains a local file inclusion vulnerability in its PHP include/require handling that allows unauthenticated remote attackers to read arbitrary files from the server. The vulnerability exploits improper filename control mechanisms to access sensitive system files without authentication. No patch is currently available, and exploitation requires moderate attack complexity but results in high confidentiality, integrity, and availability impact.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

AncoraThemes Impacto Patronus through version 1.2.3 contains a local file inclusion vulnerability in its PHP include/require handling that allows attackers to read arbitrary files on the server. An unauthenticated remote attacker can exploit this vulnerability to access sensitive configuration files, credentials, and other protected data without authentication. No patch is currently available for this vulnerability.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

AncoraThemes Zio Alberto through version 1.2.2 contains a local file inclusion vulnerability in its PHP file handling that allows unauthenticated attackers to read arbitrary files from the server. The vulnerability stems from improper validation of file paths in include/require statements, enabling attackers to traverse the filesystem and access sensitive data. No patch is currently available for this issue.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

PHP Local File Inclusion in AncoraThemes Fooddy through version 1.3.10 enables attackers to read arbitrary files on the server through improper input validation in file inclusion mechanisms. An unauthenticated remote attacker can exploit this vulnerability over the network to access sensitive files and potentially execute arbitrary code, achieving high impact on confidentiality, integrity, and availability. No patch is currently available for this vulnerability.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

AncoraThemes Isida through version 1.4.2 contains a local file inclusion vulnerability in its PHP file handling that allows unauthenticated attackers to read arbitrary files from the server. The flaw stems from improper validation of include/require statements, enabling attackers to access sensitive files and potentially execute arbitrary code. No patch is currently available, and exploitation requires moderate complexity conditions.

PHP LFI
NVD
EPSS 0% CVSS 8.1
HIGH This Week

AncoraThemes Gustavo plugin version 1.2.2 and earlier contains a local file inclusion vulnerability in its PHP file handling that allows unauthenticated remote attackers to read arbitrary files from the server. The vulnerability stems from improper validation of filenames in include/require statements, enabling attackers to traverse the filesystem and access sensitive data. With no available patch, affected sites running vulnerable versions face significant risk of information disclosure.

PHP LFI
NVD
Prev Page 34 of 275 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy