|
2421
|
2.4 |
LOW
Network
|
-
|
-
|
A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Executing a …
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7011
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2422
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f_all/f_all404 results in cross site scripting…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7012
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2423
|
2.4 |
LOW
Network
|
-
|
-
|
A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail_send Plugin. The manipulation of the argument f_subje…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7013
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2424
|
2.4 |
LOW
Network
|
-
|
-
|
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down_count Plugin. This manipulation of the argument f_file/f_prefix causes cross site scrip…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7014
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2425
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The m…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7025
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2426
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Perf…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7028
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2427
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f_text/f_slug/f_limit/f_emai…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7015
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2428
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument f_ushka_new/f_ushk results in cross site…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7016
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2429
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/…
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-7018
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2430
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServl…
|
CWE-22
Path Traversal
|
CVE-2026-7024
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
