|
2881
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated attacker to tamper w…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-23638
|
2026-06-4 00:30 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2882
|
8.2 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2026-24751
|
2026-06-4 00:29 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2883
|
8.2 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2026-24752
|
2026-06-4 00:29 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2884
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resou…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24753
|
2026-06-4 00:28 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2885
|
5.4 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker to execute arbitrary JavaScript code…
|
CWE-79
Cross-site Scripting
|
CVE-2026-24754
|
2026-06-4 00:28 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2886
|
5.4 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permi…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24755
|
2026-06-4 00:27 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2887
|
4.3 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resou…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24756
|
2026-06-4 00:26 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2888
|
4.3 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metad…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24761
|
2026-06-4 00:17 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2889
|
8.8 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated attacker with the FormBui…
|
CWE-89
SQL Injection
|
CVE-2026-24782
|
2026-06-4 00:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2890
|
9.8 |
CRITICAL
Network
|
trendnet
|
tew-432brp_firmware
|
A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to comma…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-10060
|
2026-06-3 23:39 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
