|
2931
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Reflected XSS.This issue affects VikRestaurants: fr…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25025
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2932
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en e4jvikwp VikRestaurants vikrestaurants permite XSS Reflejado. Este problema afe…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25025
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2933
|
7.5 |
HIGH
Network
|
-
|
-
|
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.11.
|
CWE-862
Missing Authorization
|
CVE-2026-25026
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2934
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Autorización Faltante en RadiusTheme Team tlp-team permite Explotar Niveles de Seguridad de Control de Acceso Incorrectamente Configurados. Este problema afecta a Team: desde n/a ha…
|
CWE-862
Missing Authorization
|
CVE-2026-25026
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2935
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in park_of_ideas KIDZ kidz allows Object Injection.This issue affects KIDZ: from n/a through <= 5.24.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25029
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2936
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en park_of_ideas KIDZ kidz permite la inyección de objetos. Este problema afecta a KIDZ: desde n/a hasta <= 5.24.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25029
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2937
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in park_of_ideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through < 3.47.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25030
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2938
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en park_of_ideas Goldish goldish permite Inyección de objetos. Este problema afecta a Goldish: desde n/a hasta < 3.47.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25030
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2939
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in park_of_ideas Tasty Daily tastydaily allows Object Injection.This issue affects Tasty Daily: from n/a through < 1.27.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25031
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2940
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en park_of_ideas Tasty Daily tastydaily permite la inyección de objetos. Este problema afecta a Tasty Daily: desde n/a hasta < 1.27.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25031
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
