|
2841
|
2.4 |
LOW
Network
|
-
|
-
|
A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail_send Plugin. The manipulation of the argument f_subje…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7013
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2842
|
2.4 |
LOW
Network
|
-
|
-
|
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down_count Plugin. This manipulation of the argument f_file/f_prefix causes cross site scrip…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7014
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2843
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The m…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7025
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2844
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Perf…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7028
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2845
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f_text/f_slug/f_limit/f_emai…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7015
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2846
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument f_ushka_new/f_ushk results in cross site…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7016
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2847
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/…
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-7018
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2848
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServl…
|
CWE-22
Path Traversal
|
CVE-2026-7024
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2849
|
7.8 |
HIGH
Local
|
-
|
-
|
A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description l…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7039
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2850
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component REST API Endpoint. Executing a manipulation can lead to…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-7042
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
