|
3461
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_topic.php. Such manipulation of the argument…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10265
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3462
|
3.3 |
LOW
Local
|
-
|
-
|
A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attackin…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2026-10267
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3463
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation.
This issue affects Contest Gallery Pro: from n/a through …
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-42680
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3464
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E2Pdf.Com e2pdf allows Reflected XSS.
This issue affects e2pdf: from n/a through 1.32.14.
|
CWE-79
Cross-site Scripting
|
CVE-2026-42681
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3465
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects wpForo Forum: from n/a through 3.0.6.
|
CWE-862
Missing Authorization
|
CVE-2026-42682
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3466
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS.
This issue affects VikBooki…
|
CWE-79
Cross-site Scripting
|
CVE-2026-42683
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3467
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS.
This issue affects WP Statistics: from n/a throug…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48839
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3468
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress allows Reflected XSS.
This issue affects LearnPress: from n/a through 4.3.6.
|
CWE-79
Cross-site Scripting
|
CVE-2026-48865
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3469
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal.
This issue affects Gravity Forms: from n/a thro…
|
CWE-22
Path Traversal
|
CVE-2026-48866
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3470
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation.
This issue affects AIWU: from n/a through 1.4.17.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-48879
|
2026-06-2 01:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
