|
2961
|
7.5 |
HIGH
Network
|
-
|
-
|
xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file_path:path} endpoint that allows unauthenticated attackers to read arbitrary files outside the intende…
|
CWE-22
Path Traversal
|
CVE-2026-10108
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2962
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10110
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2963
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injectio…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10111
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2964
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site s…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-10112
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2965
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manip…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-10113
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2966
|
7.5 |
HIGH
Network
|
-
|
-
|
The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated (Subscriber+) account takeover in all versions up to, and including, 5.26.0 via the ev…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2026-7459
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2967
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_sbi_xact_add in the library /lib/core/ogs-timer.c of the component ue-authentications Endpoint.…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-10116
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2968
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogs_pool_id_calloc in the library /lib/sbi/nghttp2-server.c. Executing a manipulation can lead to denial of serv…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-10117
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2969
|
8.8 |
HIGH
Network
|
-
|
-
|
The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible f…
|
CWE-269
Improper Privilege Management
|
CVE-2026-7465
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2970
|
7.5 |
HIGH
Network
|
-
|
-
|
The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $_SERVER['QUERY…
|
CWE-89
SQL Injection
|
CVE-2026-9757
|
2026-06-2 00:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
