|
4571
|
2.5 |
LOW
Local
|
-
|
-
|
A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such manipulation leads to use of hard-coded cryptograph…
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-5310
|
2026-04-25 03:12 |
2026-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4572
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file_get_contents. This manipulation causes server-side request forgery. The attack is possible to …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-5126
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4573
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en SourceCodester RSS Feed Parser 1.0. Este problema afecta a la función file_get_contents. Esta manipulación provoca falsificación de petición del lado del servid…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-5126
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4574
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website res…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5147
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4575
|
7.3 |
HIGH
Network
|
-
|
-
|
Una vulnerabilidad de seguridad ha sido descubierta en YunaiV yudao-cloud hasta 2026.01. Esto afecta una parte desconocida del archivo /admin-api/system/tenant/get-by-website. La manipulación del arg…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5147
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4576
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument gi…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-5125
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4577
|
5.3 |
MEDIUM
Local
|
-
|
-
|
Una vulnerabilidad fue detectada en raine consult-llm-mcp hasta 2.5.3. Afectada por esta vulnerabilidad es la función child_process.execSync del archivo src/server.ts. La manipulación del argumento g…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-5125
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4578
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in YunaiV yudao-cloud up to 2026.01. This vulnerability affects unknown code of the file /admin-api/system/mail-log/page. This manipulation of the argument toMail cause…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5148
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4579
|
4.7 |
MEDIUM
Network
|
-
|
-
|
Se ha identificado una debilidad en YunaiV yudao-cloud hasta 2026.01. Esta vulnerabilidad afecta código desconocido del archivo /admin-api/system/mail-log/page. Esta manipulación del argumento toMail…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5148
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4580
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Accounting System 1.0. This issue affects some unknown processing of the file /viewin_costumer.php of the component Parameter Handler. Such…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5150
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
