|
3511
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation …
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-10275
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3512
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects GeoDirectory: from n/a through 2.8.157.
|
CWE-862
Missing Authorization
|
CVE-2026-42671
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3513
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection.
This issue affects WP Directory Ki…
|
CWE-89
SQL Injection
|
CVE-2026-42672
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3514
|
7.5 |
HIGH
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensit…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-42673
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3515
|
7.5 |
HIGH
Network
|
-
|
-
|
Authentication Bypass by Spoofing vulnerability in AAM Plugin Advanced Access Manager allows URL Encoding.
This issue affects Advanced Access Manager: from n/a through 7.1.0.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-42674
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3516
|
7.3 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Themefic Hydra Booking allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Hydra Booking: from n/a through 1.1.41.
|
CWE-862
Missing Authorization
|
CVE-2026-42675
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3517
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred allows Stored XSS.
This issue affects myCred: from n/a through 3.0.4.
|
CWE-79
Cross-site Scripting
|
CVE-2026-42676
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3518
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects WP Document Revisions: from n/a be…
|
CWE-862
Missing Authorization
|
CVE-2026-42677
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3519
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS.
This issue affects GiveWP: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2026-42678
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3520
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mamunur Rashid Classified Listing allows Path Traversal.
This issue affects Classified Listing: from n…
|
CWE-22
Path Traversal
|
CVE-2026-42679
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
