|
2991
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Sanzo sanzo allows Stored XSS.This issue affects Sanzo: from n/a through < 2.4.3.
|
CWE-79
Cross-site Scripting
|
CVE-2026-25355
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2992
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('Cross-site Scripting') en skygroup Sanzo sanzo permite XSS Almacenado. Este problema afecta a Sanzo: d…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25355
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2993
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Yobazar yobazar allows Reflected XSS.This issue affects Yobazar: from n/a through < 1.6.…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25356
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2994
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en skygroup Yobazar yobazar permite XSS Reflejado. Este problema afecta a Yobazar:…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25356
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2995
|
8.1 |
HIGH
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-25357
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2996
|
8.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de omisión de autenticación Usando una Ruta o Canal Alternativo en azzaroco Ultimate Membership Pro indeed-membership-pro permite Abuso de Autenticación. Este problema afecta a Ultimat…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-25357
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2997
|
8.8 |
HIGH
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through < 2.8.2.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25358
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2998
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en rascals Meloo meloo permite la inyección de objetos. Este problema afecta a Meloo: desde n/a hasta < 2.8.2.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25358
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2999
|
8.8 |
HIGH
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through < 3.1.5.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25359
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3000
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en rascals Pendulum pendulum permite la inyección de objetos. Este problema afecta a Pendulum: desde n/a hasta < 3.1.5.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-25359
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
