|
2311
|
7.8 |
HIGH
Local
|
-
|
-
|
A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation r…
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-12779
|
2026-06-23 04:16 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2312
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the arg…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-12776
|
2026-06-23 04:16 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2313
|
5.9 |
MEDIUM
Network
|
-
|
-
|
A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and
query logging are both enabled, logging of DS or DNSKEY replies containing
unsupported algorithm or digest types can caus…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-12725
|
2026-06-23 04:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2314
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' shortcode attribute in all versions up to, and includ…
|
CWE-862
Missing Authorization
|
CVE-2026-12119
|
2026-06-23 04:16 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2315
|
- |
|
-
|
-
|
Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/Jav…
|
CWE-79
Cross-site Scripting
|
CVE-2026-11994
|
2026-06-23 04:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2316
|
7.5 |
HIGH
Network
|
-
|
-
|
The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile function in all versions up to, and including, 6.3.…
|
CWE-22
Path Traversal
|
CVE-2026-11911
|
2026-06-23 04:16 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2317
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction A…
|
CWE-94
Code Injection
|
CVE-2024-58351
|
2026-06-23 04:16 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2318
|
7.1 |
HIGH
Network
|
-
|
-
|
Joomla! Component JoomCRM 1.1.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the deal_id parameter.…
|
CWE-89
SQL Injection
|
CVE-2019-25761
|
2026-06-23 04:16 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2319
|
8.2 |
HIGH
Network
|
-
|
-
|
Joomla Component vReview 1.9.11 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cmId parameter. …
|
CWE-89
SQL Injection
|
CVE-2019-25755
|
2026-06-23 04:16 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2320
|
8.2 |
HIGH
Network
|
-
|
-
|
Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type…
|
CWE-89
SQL Injection
|
CVE-2019-25752
|
2026-06-23 04:16 |
2026-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
