Export limit exceeded: 358236 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 358236 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358236 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34026 | 2026-06-15 | N/A | ||
| Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation, allowing an authenticated attacker with any role or permission level to traverse out of the intended document directory and download arbitrary files accessible to the application. This includes, but is not limited to, application log files containing sensitive information and application binaries. | ||||
| CVE-2026-34025 | 2026-06-15 | N/A | ||
| The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an IP restriction bypass vulnerability in the login process. The application restricts user logins based on the IP address associated with a branch location, but the client IP address is derived from the HTTP X-Forwarded-For header when that header is present. An attacker with valid branch user credentials can manipulate the X-Forwarded-For header during login to spoof the expected branch IP address and obtain a valid authenticated session from an unauthorized network location. | ||||
| CVE-2026-34024 | 2026-06-15 | N/A | ||
| The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains missing authorization checks on multiple web application endpoints. An authenticated attacker with minimal privileges can access endpoints that are not visible in the frontend but remain directly reachable. This allows the attacker to perform restricted actions such as switching the user's branch, uploading arbitrary files, downloading arbitrary files, and viewing details of arbitrary branches. | ||||
| CVE-2026-34029 | 2026-06-15 | N/A | ||
| The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This key can be used to decrypt the licence.whs file, which contains sensitive information about the licensing party and a second key that can be used to decrypt other configuration files. | ||||
| CVE-2026-34023 | 2026-06-15 | N/A | ||
| The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with valid low-privileged branch user credentials can manipulate WebSocket messages by specifying controller identifiers belonging to other branches. This allows the attacker to access restricted functions and resources in other branches, including activating boxes outside of the user's authorized branch. | ||||
| CVE-2016-20084 | 2026-06-15 | 7.2 High | ||
| WordPress appointment-booking-calendar 1.1.24 contains multiple privilege escalation vulnerabilities that allow unauthenticated attackers to modify calendar settings and inject persistent cross-site scripting payloads through the admin.php page parameters. Attackers can inject malicious JavaScript into the 'ict' and 'ics' options or the calendar 'name' parameter via GET requests to execute arbitrary scripts when the calendar is displayed or accessed in the administration interface. | ||||
| CVE-2016-20078 | 2026-06-15 | 6.2 Medium | ||
| WordPress IMDb Profile Widget 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like wp-config.php containing database credentials and configuration data. | ||||
| CVE-2016-20073 | 2026-06-15 | 8.2 High | ||
| Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract sensitive database information including WordPress terms and configuration data. | ||||
| CVE-2016-20067 | 2026-06-15 | 4.3 Medium | ||
| WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in. | ||||
| CVE-2026-11860 | 1 Opensolution | 1 Quick.cms | 2026-06-15 | N/A |
| Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation or class restrictions, crafted payloads can trigger dangerous magic methods (e.g., __wakeup() and __destruct()) and leverage gadget chains, resulting in arbitrary code execution. Exploitation is triggered automatically when an administrator accesses the admin panel. When successfully exploited, this vulnerability allows attackers to execute arbitrary code on the server via manipulated serialized data transmitted over an unprotected channel. This issue was mitigated by limiting the communication to HTTPS in a patch for version 6.8 published on 14.05.2026, deployments without this patch remain vulnerable. | ||||
| CVE-2026-5792 | 1 Hedef Media | 1 Related Marketing Cloud (rmc) | 2026-06-15 | 6.5 Medium |
| Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud (RMC) allows Brute Force. This issue affects Related Marketing Cloud (RMC): through 12052026. | ||||
| CVE-2026-5513 | 2 Ladela, Wordpress | 2 Online Scheduling And Appointment Booking System – Bookly, Wordpress | 2026-06-15 | 7.2 High |
| The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default). | ||||
| CVE-2026-12175 | 1 Codeastro | 1 Student Attendance Management System | 2026-06-15 | 4.7 Medium |
| A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. | ||||
| CVE-2026-12190 | 1 Genspark | 1 Ai Workspace App | 2026-06-15 | 5.3 Medium |
| A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12198 | 1 Microweber | 1 Microweber | 2026-06-15 | 7.3 High |
| A weakness has been identified in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint. Executing a manipulation of the argument cache_path_relative can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12206 | 1 Grit42 | 1 Grit | 2026-06-15 | 6.3 Medium |
| A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/data_table_entity.rb. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12211 | 1 Intelbras | 1 Invu 7016 Ft | 2026-06-15 | 2.7 Low |
| A flaw has been found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26. This impacts an unknown function of the file /RPC2_Loadfile/syslog/ of the component Web Interface. Executing a manipulation can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | ||||
| CVE-2026-12218 | 1 Yealink | 1 Sip-t46u | 2026-06-15 | 8 High |
| A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local network is required for this attack. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12223 | 1 Yealink | 1 Sip-t46u | 2026-06-15 | 5.5 Medium |
| A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function mod_webd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack needs to be initiated within the local network. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-46237 | 1 Linux | 1 Linux Kernel | 2026-06-15 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||