|
2021
|
8.2 |
HIGH
Network
|
-
|
-
|
Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can …
|
CWE-89
SQL Injection
|
CVE-2021-47930
|
2026-05-12 23:47 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2022
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Projectsend r1295 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input in the 'name' parameter of files-edi…
|
CWE-79
Cross-site Scripting
|
CVE-2021-47947
|
2026-05-12 23:47 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2023
|
7.3 |
HIGH
Network
|
-
|
-
|
The Custom css-js-php WordPress plugin through 2.0.7 does not properly sanitize user input before using it in a SQL query, and the result is passed to eval(), allowing unauthenticated users to execut…
|
-
|
CVE-2026-6433
|
2026-05-12 23:47 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2024
|
- |
|
-
|
-
|
Vulnerability in Wikimedia Foundation AbuseFilter.
This issue affects AbuseFilter: from * before 1.43.7, 1.44.4, 1.45.2.
|
CWE-20
Improper Input Validation
|
CVE-2026-34086
|
2026-05-12 23:45 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2025
|
- |
|
-
|
-
|
Vulnerability in Wikimedia Foundation Scribunto.
This issue affects Scribunto: from 1.45.0 before 1.45.2.
|
CWE-79
Cross-site Scripting
|
CVE-2026-34089
|
2026-05-12 23:45 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2026
|
- |
|
-
|
-
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.
This vulnerability is associated with program files includes/Specials/SpecialUserRights.P…
|
CWE-200
Information Exposure
|
CVE-2026-34093
|
2026-05-12 23:45 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2027
|
- |
|
-
|
-
|
Vulnerability in Wikimedia Foundation MediaWiki.
This vulnerability is associated with program files includes/Page/Article.Php.
This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2026-34094
|
2026-05-12 23:45 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2028
|
- |
|
-
|
-
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo.
This vulnerability is associated with program files includes/Api/ApiEchoNotifications.Php.
…
|
CWE-200
Information Exposure
|
CVE-2026-5266
|
2026-05-12 23:45 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2029
|
7.5 |
HIGH
Network
|
yardoc
|
yard
|
YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation. This bug would allow unsanitized HTTP …
|
CWE-22
Path Traversal
|
CVE-2026-41493
|
2026-05-12 23:38 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2030
|
7.4 |
HIGH
Network
|
go-git_project
|
go-git
|
go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smar…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-41506
|
2026-05-12 23:33 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
