|
4531
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login_credentials.txt of the component HTTP GET Request Handler. Th…
|
CWE-312
CWE-313
Cleartext Storage of Sensitive Information
Cleartext Storage in a File or on Disk
|
CVE-2026-5531
|
2026-04-25 03:13 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4532
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5198
|
2026-04-25 03:12 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4533
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserG…
|
CWE-22
Path Traversal
|
CVE-2026-5203
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4534
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such man…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-5205
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4535
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argumen…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5206
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4536
|
2.4 |
LOW
Network
|
-
|
-
|
A security vulnerability has been detected in SourceCodester Leave Application System 1.0. Affected by this issue is some unknown functionality of the component User Management Handler. Such manipula…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-5209
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4537
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitatio…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-5210
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4538
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'max_width' attribute of the `su_box` shortcode in all versions up to, and inc…
|
CWE-79
Cross-site Scripting
|
CVE-2026-2480
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4539
|
6.4 |
MEDIUM
Network
|
-
|
-
|
El plugin WP Shortcodes Plugin — Shortcodes Ultimate para WordPress es vulnerable a cross-site scripting almacenado a través del atributo 'max_width' del shortcode 'su_box' en todas las versiones has…
|
CWE-79
Cross-site Scripting
|
CVE-2026-2480
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4540
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4_BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation …
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2026-5235
|
2026-04-25 03:12 |
2026-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
