|
2701
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-4585
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2702
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument cur…
|
CWE-287
CWE-295
Improper Authentication
Improper Certificate Validation
|
CVE-2026-4587
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2703
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in kalcaddle kodbox 1.64. The affected element is the function PathDriverUrl of the file /workspace/source-code/app/controller/explorer/editor.class.php of the componen…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-4589
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2704
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en la Plataforma de Gestión Integrada Tiandy Easy7 hasta la versión 7.17.0. Esta vulnerabilidad afecta a código desconocido del archivo /Easy7/apps/WebService/Impo…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-4585
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2705
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects the function Upload of the file chat2db-server/chat2db-server-web/chat2db-server-web-api/src/main/java/ai/chat2db/server/web…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-4586
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2706
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Una vulnerabilidad fue encontrada en CodePhiliaX Chat2DB hasta 0.3.7. Esto afecta la función Upload del archivo chat2db-server/chat2db-server-web/chat2db-server-web-api/src/main/java/ai/chat2db/serve…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-4586
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2707
|
3.7 |
LOW
Network
|
-
|
-
|
Una vulnerabilidad fue encontrada en HybridAuth hasta la versión 3.12.2. Este problema afecta a algún procesamiento desconocido del archivo src/HttpClient/Curl.php del componente Gestor SSL. La manip…
|
CWE-287
CWE-295
Improper Authentication
Improper Certificate Validation
|
CVE-2026-4587
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2708
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-le…
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-4588
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2709
|
3.7 |
LOW
Network
|
-
|
-
|
Se determinó una vulnerabilidad en kalcaddle kodbox 1.64. La función shareSafeGroup del archivo /workspace/source-code/app/controller/explorer/shareOut.class.php del componente Gestor de clave API a …
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-4588
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2710
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in kalcaddle kodbox 1.64. This affects the function checkBin of the file /workspace/source-code/plugins/fileThumb/app.php of the component fileThumb Endpoint. Executing…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-4591
|
2026-04-25 01:32 |
2026-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
