|
1321
|
6.1 |
MEDIUM
Network
|
-
|
-
|
WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. A…
|
CWE-79
Cross-site Scripting
|
CVE-2023-54358
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1322
|
8.2 |
HIGH
Network
|
-
|
-
|
WordPress adivaha Travel Plugin 2.3 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'pid…
|
CWE-89
SQL Injection
|
CVE-2023-54359
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1323
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the review_id URL parameter. Attackers can craft mal…
|
CWE-79
Cross-site Scripting
|
CVE-2023-54360
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1324
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Joomla iProperty Real Estate 4.1.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the filter_keyword parameter. Attackers ca…
|
CWE-79
Cross-site Scripting
|
CVE-2023-54361
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1325
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can c…
|
CWE-79
Cross-site Scripting
|
CVE-2023-54362
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1326
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating multiple GET parameters including show…
|
CWE-79
Cross-site Scripting
|
CVE-2023-54363
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1327
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Joomla HikaShop 4.7.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating GET parameters in the product filter en…
|
CWE-79
Cross-site Scripting
|
CVE-2023-54364
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1328
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute…
|
CWE-506
Embedded Malicious Code
|
CVE-2026-34424
|
2026-04-16 00:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1329
|
7.1 |
HIGH
Network
|
-
|
-
|
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileF…
|
CWE-89
SQL Injection
|
CVE-2018-25257
|
2026-04-16 00:00 |
2026-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1330
|
8.4 |
HIGH
Local
|
-
|
-
|
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers c…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-25258
|
2026-04-16 00:00 |
2026-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
