|
2101
|
- |
|
-
|
-
|
The create and edit flows do not restrict which user properties may be submitted and do not enforce access control on the frontend user group assignment. As a result, an attacker can assign an arbitr…
|
CWE-639
CWE-915
Authorization Bypass Through User-Controlled Key
Improperly Controlled Modification of Dynamically-Determined Object Attributes
|
CVE-2026-46721
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2102
|
- |
|
-
|
-
|
The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP req…
|
CWE-611
XXE
|
CVE-2026-46722
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2103
|
- |
|
-
|
-
|
The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data …
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2026-46723
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2104
|
- |
|
-
|
-
|
The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system…
|
CWE-22
Path Traversal
|
CVE-2026-46724
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2105
|
- |
|
-
|
-
|
The extension passes an attacker-controlled cookie directly to PHP's unserialize() without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to t…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-46725
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2106
|
- |
|
-
|
-
|
The extension fails to properly sanitize user input before using it in a database query. As a result, an unauthenticated attacker can inject arbitrary SQL through a URL parameter on pages using the "…
|
CWE-89
SQL Injection
|
CVE-2026-8726
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2107
|
- |
|
-
|
-
|
The Crawler extension passes the X-T3Crawler-Meta response header from crawled URLs directly to PHP's unserialize(). An attacker controlling a crawled endpoint can inject arbitrary serialized PHP obj…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-8727
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2108
|
- |
|
-
|
-
|
The AddressRepository::getSqlQuery() method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itsel…
|
CWE-89
SQL Injection
|
CVE-2026-8827
|
2026-05-19 23:47 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2109
|
- |
|
-
|
-
|
An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network (qtbase) in Qt Qt Framework (Unix) allows a local attacker to load a rogue CA certificate as a trusted syste…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2025-14575
|
2026-05-19 23:46 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2110
|
- |
|
-
|
-
|
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within da…
|
CWE-863
Incorrect Authorization
|
CVE-2026-42096
|
2026-05-19 23:45 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
