|
541
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.cl…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6982
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
542
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url …
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6983
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
543
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descriçã…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6990
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
544
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Exec…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6991
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
545
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the component http.DefaultServeMux Fallback Handler. T…
New
|
CWE-441
Confused Deputy
|
CVE-2026-6993
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
546
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Paramete…
New
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-6994
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
547
|
2.4 |
LOW
Network
|
-
|
-
|
A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted element is an unknown function of the file /index.asp of the component New User Page. Performing a manipula…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6995
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
548
|
2.4 |
LOW
Network
|
-
|
-
|
A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can le…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6996
|
2026-04-28 03:42 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
549
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to s…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7074
|
2026-04-28 03:39 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
550
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address …
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7075
|
2026-04-28 03:39 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
