|
2941
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through < 2.31.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25032
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2942
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en park_of_ideas Ricky ricky permite la inyección de objetos. Este problema afecta a Ricky: desde n/a hasta < 2.31.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25032
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2943
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uixthemes Motta Addons motta-addons allows Reflected XSS.This issue affects Motta Addons: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25033
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2944
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en uixthemes Motta Addons motta-addons permite XSS Reflejado. Este problema afecta…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25033
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2945
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KiviCare: fr…
|
CWE-862
Missing Authorization
|
CVE-2026-25034
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2946
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en Iqonic Design KiviCare kivicare-clinic-management-system permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. E…
|
CWE-862
Missing Authorization
|
CVE-2026-25034
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2947
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Authentication Abuse.This issue affects Co…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-25035
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2948
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Omisión de autenticación Usando una Ruta o Canal Alternativo vulnerabilidad en Wasiliy Strecker / el desarrollador de ContestGallery Contest Gallery contest-gallery permite el Abuso de Autenticación.…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-25035
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2949
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Jaroti jaroti allows Reflected XSS.This issue affects Jaroti: from n/a through < 1.4.8.
|
CWE-79
Cross-site Scripting
|
CVE-2026-25304
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2950
|
7.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') en skygroup Jaroti jaroti permite XSS Reflejado. Este problema afecta a Jaroti:…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25304
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
