|
681
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Att…
New
|
CWE-89
SQL Injection
|
CVE-2020-37224
|
2026-05-14 02:07 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
682
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in…
New
|
CWE-79
Cross-site Scripting
|
CVE-2020-37225
|
2026-05-14 02:07 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
683
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Att…
New
|
CWE-89
SQL Injection
|
CVE-2020-37226
|
2026-05-14 02:07 |
2026-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
684
|
5.5 |
MEDIUM
Local
|
jqlang
|
jq
|
jq is a command-line JSON processor. In 1.8.2rc1 and earlier, the ordinary module loader recurses without cycle detection when two
otherwise valid modules include each other.
Update
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-44777
|
2026-05-14 02:05 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
685
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiar_docfamiliar.php displays an overly descriptive error message, including database-related details. Thi…
Update
|
CWE-200
Information Exposure
|
CVE-2026-42871
|
2026-05-14 02:03 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
686
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting (XSS) flaw was identified at the following endpoint: funcionario/profile_funcionario.php?…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-42870
|
2026-05-14 02:03 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
687
|
6.1 |
MEDIUM
Network
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a reflected Cross-Site Scripting (XSS) vulnerability exists in lista_arquivos_etapa.php due to improper handling of use…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-42872
|
2026-05-14 02:03 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
688
|
0.0 |
NONE
Network
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, when attempting to upload a file with malicious content to funcionario/docdependente_upload.php, the application respo…
Update
|
CWE-200
Information Exposure
|
CVE-2026-42873
|
2026-05-14 02:03 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
689
|
6.8 |
MEDIUM
Network
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-45025
|
2026-05-14 02:03 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
690
|
6.8 |
MEDIUM
Network
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user to inject malicious JavaScript into the …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2026-45026
|
2026-05-14 02:03 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
