|
551
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download_website of the file src/index.ts of the component MCP Interface. Performing a manipulation o…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7642
|
2026-05-3 00:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
552
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-7633
|
2026-05-3 00:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
553
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid cause…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7632
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
554
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument U…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7631
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
555
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in innocommerce InnoShop up to 0.7.8. The affected element is the function InstallServiceProvider::boot of the file innopacks/install/src/InstallServiceProvider.php of …
|
CWE-287
Improper Authentication
|
CVE-2026-7630
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
556
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7629
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
557
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/…
|
CWE-200
Information Exposure
|
CVE-2026-3504
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
558
|
8.1 |
HIGH
Network
|
-
|
-
|
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and incl…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-2554
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
559
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xlwcty_current_date' shortcode in all versions up to, and includ…
|
CWE-79
Cross-site Scripting
|
CVE-2026-0703
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
560
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0.1.0. This issue affects the function executeRepomix of the file src/repomix.ts of the component RepoMix Command Handler. …
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7628
|
2026-05-2 21:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
