|
181
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component Interface. Such manipulation …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6629
|
2026-04-20 20:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
182
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view/ of the component Query Viewer Component. This manipulation of the argume…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6628
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
183
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in imp…
|
CWE-20
CWE-943
Improper Input Validation
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2026-6626
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
184
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogu_picture/src/main/…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6625
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
185
|
2.4 |
LOW
Network
|
-
|
-
|
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\_route=pool/add of the component Pool List Interface. Executing a manipula…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6624
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
186
|
2.4 |
LOW
Network
|
-
|
-
|
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?_route=settings/users-view/ of the component Profile Page Handler. Pe…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6623
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
187
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\_route=customers/edit/ of the component Customer Handler. Such manipulati…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6622
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
188
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
X.509: Fix out-of-bounds access when parsing extensions
Leo reports an out-of-bounds access when parsing a certificate with
empty…
|
-
|
CVE-2026-31430
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
189
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net: skb: fix cross-cache free of KFENCE-allocated skb head
SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2
va…
|
-
|
CVE-2026-31429
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
190
|
- |
|
-
|
-
|
Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive informa…
|
CWE-863
Incorrect Authorization
|
CVE-2025-13480
|
2026-04-20 19:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
