|
871
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in imp…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7109
|
2026-04-28 03:37 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
872
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before …
New
|
CWE-89
SQL Injection
|
CVE-2026-22336
|
2026-04-28 03:37 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
873
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4.
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-22337
|
2026-04-28 03:37 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
874
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) allows DOM-Based XSS.This issue affects TheGem …
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-42410
|
2026-04-28 03:37 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
875
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument …
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7121
|
2026-04-28 03:36 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
876
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the ar…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7122
|
2026-04-28 03:36 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
877
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the …
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7123
|
2026-04-28 03:36 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
878
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Exe…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7124
|
2026-04-28 03:36 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
879
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipu…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7125
|
2026-04-28 03:36 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
880
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path…
New
|
CWE-22
Path Traversal
|
CVE-2026-7132
|
2026-04-28 03:36 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
