|
881
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Slider Revolution plugin for WordPress in versions 6.0.0-6.7.55 and 7.0.0-7.0.14 is vulnerable to unauthorized modification of data. This is due to the plugin not properly verifying that a user i…
|
CWE-862
Missing Authorization
|
CVE-2026-9050
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
882
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argum…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-10550
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
883
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in fi…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-10558
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
884
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to fil…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-10559
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
885
|
3.1 |
LOW
Network
|
-
|
-
|
A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm_state_security_mode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a mani…
|
CWE-362
Race Condition
|
CVE-2026-10565
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
886
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.check_instruct_content of the file metagpt/schema.py. Executing a manipulation of the argumen…
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-10566
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
887
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /manage_payment.php. The manipulation of the argument ID results in sql injection.…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10568
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
888
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Auto Image Attributes From Filename With Bulk Updater (Add Alt Text, Image Title For Image SEO) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment metadata in al…
|
CWE-79
Cross-site Scripting
|
CVE-2026-3722
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
889
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10581
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
890
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by this issue is the function Import of the file internal/http/tts_config.go of the component TTS Configur…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10583
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
