|
3191
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-42731
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3192
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation.This issue affects Ads by WPQuads: from n/a thr…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-42732
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3193
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2026-42733
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3194
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a t…
|
CWE-79
Cross-site Scripting
|
CVE-2026-42734
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3195
|
8.2 |
HIGH
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: f…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-42735
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3196
|
7.5 |
HIGH
Network
|
-
|
-
|
Authorization Bypass Through User-Controlled Key vulnerability in wordplus BP Better Messages bp-better-messages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-42736
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3197
|
8.6 |
HIGH
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Path Traversal.This issue affects VikB…
|
CWE-22
Path Traversal
|
CVE-2026-42737
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3198
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Stored XSS.This issue affects S…
|
CWE-79
Cross-site Scripting
|
CVE-2026-42738
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3199
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IniLerm Advanced IP Blocker advanced-ip-blocker allows DOM-Based XSS.This issue affects Advanced …
|
CWE-79
Cross-site Scripting
|
CVE-2026-42739
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3200
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a throu…
|
CWE-89
SQL Injection
|
CVE-2026-42740
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
