|
3061
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes IdealAuto idealauto allows PHP Local File Inclusion.This issue affec…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-25382
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3062
|
8.1 |
HIGH
Network
|
-
|
-
|
Control inadecuado del nombre de fichero para la declaración Include/Require en el programa PHP ('Inclusión remota de ficheros PHP') vulnerabilidad en jwsthemes IdealAuto idealauto permite la inclusi…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-25382
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3063
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Reflected XSS.This issue affects …
|
CWE-79
Cross-site Scripting
|
CVE-2026-25383
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3064
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en Iqonic Design KiviCare kivicare-clinic-management-system permite XSS Reflejado.…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25383
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3065
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n…
|
CWE-862
Missing Authorization
|
CVE-2026-25390
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3066
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en Saad Iqbal New User Approve new-user-approve permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este problema…
|
CWE-862
Missing Authorization
|
CVE-2026-25390
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3067
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issu…
|
CWE-862
Missing Authorization
|
CVE-2026-25396
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3068
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad por ausencia de autorización en CoderPress Commerce Coinbase For WooCommerce commerce-coinbase-for-woocommerce permite la explotación de niveles de seguridad de control de acceso confi…
|
CWE-862
Missing Authorization
|
CVE-2026-25396
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3069
|
7.5 |
HIGH
Network
|
-
|
-
|
Path Traversal: '.../...//' vulnerability in Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce allows Path Traversal.This issue affects File Uploader for WooCommerce: from …
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-25397
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3070
|
7.5 |
HIGH
Network
|
-
|
-
|
Salto de ruta: la vulnerabilidad '.../...//' en Snowray Software File Uploader for WooCommerce file-uploader-for-woocommerce permite el salto de ruta. Este problema afecta a File Uploader for WooComm…
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-25397
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
