|
1751
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en code-projects Student Membership System 1.0. Afectada es una función desconocida del archivo /delete_member.php. La manipulación del argumento ID conduce a inye…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5196
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1752
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /delete_user.php. The manipulation of the argument ID results in sql …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5197
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1753
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Una vulnerabilidad fue encontrada en code-projects Student Membership System 1.0. El elemento afectado es una función desconocida del archivo /delete_user.php. La manipulación del argumento ID result…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5197
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1754
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including,…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-3139
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1755
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Minify HTML plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.12. This is due to missing or incorrect nonce validation on the 'minify_html…
|
CWE-352
Origin Validation Error
|
CVE-2026-3191
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1756
|
7.2 |
HIGH
Network
|
-
|
-
|
The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$_SERVER['REQUEST_URI']’ parameter in all versions up to, and…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4267
|
2026-04-25 03:11 |
2026-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1757
|
7.5 |
HIGH
Network
|
apache
|
log4j
|
Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to…
|
CWE-117
CWE-684
Improper Output Neutralization for Logs
Incorrect Provision of Specified Functionality
|
CVE-2026-34478
|
2026-04-25 03:10 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1758
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: usb: f81604: correctly anchor the urb in the read bulk callback
When submitting an urb, that is using the anchor pattern, it…
|
NVD-CWE-noinfo
|
CVE-2026-23347
|
2026-04-25 03:10 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1759
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
can: usb: f81604: anclar correctamente el urb en la devolución de llamada de lectura masiva
Al enviar un urb, que está usando el…
|
NVD-CWE-noinfo
|
CVE-2026-23347
|
2026-04-25 03:10 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1760
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cxl: Fix race of nvdimm_bus object when creating nvdimm objects
Found issue during running of cxl-translate.sh unit test. Adding …
|
CWE-362
Race Condition
|
CVE-2026-23348
|
2026-04-25 03:08 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
