2026-04-05 21:16Z · HIGH

CVE-2019-25674 — Victoralagwu Cmssite: 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25674

CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send GET requests to post.php with malicious 'post' values to extract sensitive database information or perform time-based blind SQL injection attacks. CVSSv3.1 8.2 (HIGH)

CWE: CWE-89 · Vendor: Victoralagwu, Cmssite · Type: Vulnerability
CVSS v3.1: 8.2 · Score: 91
2026-04-05 21:16Z · HIGH

CVE-2019-25673 — UniSharp: Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25673

UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to Files and execute arbitrary code by accessing the uploaded file through the working directory path. CVSSv3.1 8.8 (HIGH)

CWE: CWE-434 · Vendor: Unisharp · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-05 21:16Z · HIGH

CVE-2019-25672 — Kartatopia Piluscart: 1.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25672

PilusCart 1.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'send' parameter. Attackers can submit POST requests to the comment submission endpoint with RLIKE-based boolean SQL injection payloads to extract sensitive database information. CVSSv3.1 8.2 (HIGH)

CWE: CWE-89 · Vendor: Kartatopia, Piluscart · Type: Vulnerability
CVSS v3.1: 8.2 · Score: 91
2026-04-05 21:16Z · HIGH

CVE-2019-25671 — MAX: VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25671

VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the mtu_eth0 parameter. Attackers can send POST requests to the changeip.php endpoint with malicious payload in the mtu_eth0 field to execute commands as the apache user. CVSSv3.1 8.8 (HIGH)

CWE: CWE-22 · Vendor: Max · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-05 21:16Z · HIGH

CVE-2019-25670 — River: Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25670

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception handler override, and shellcode to trigger code execution when the application processes the input. CVSSv3.1 8.4 (HIGH)

CWE: CWE-787 · Vendor: River · Type: Vulnerability
CVSS v3.1: 8.4 · Score: 92
2026-04-05 21:16Z · HIGH

CVE-2019-25669 — Qdpm Qdpm: 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database queries

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25669

qdPM 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the search_by_extrafields[] parameter. Attackers can send POST requests to the users endpoint with malicious search_by_extrafields[] values to trigger SQL syntax errors and extract database information. CVSSv3.1 8.2 (HIGH)

CWE: CWE-89 · Vendor: Qdpm · Type: Vulnerability
CVSS v3.1: 8.2 · Score: 91
2026-04-05 21:16Z · HIGH

CVE-2019-25668 — News: Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25668

News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers can send GET requests to index.php/show/news/ with malicious SQL statements to extract sensitive database information. CVSSv3.1 8.2 (HIGH)

CWE: CWE-89 · Type: Vulnerability
CVSS v3.1: 8.2 · Score: 91
2026-04-05 21:16Z · HIGH

CVE-2019-25662 — Montala Resourcespace: 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25662

ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watched_searches.php endpoint with crafted SQL payloads to extract sensitive database information including usernames and credentials. CVSSv3.1 8.2 (HIGH)

CWE: CWE-89 · Vendor: Montala, Resourcespace · Type: Vulnerability
CVSS v3.1: 8.2 · Score: 91
2026-04-05 21:16Z · HIGH

CVE-2019-25656 — R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler (SEH) overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records and achieve code execution with calculator or arbitrary shellcode. CVSSv3.1 8.4 (HIGH)

CWE: CWE-787 · Type: Vulnerability
CVSS v3.1: 8.4 · Score: 92
2026-04-05 13:17Z · HIGH

CVE-2026-5567 — Executing a manipulation of the argument policyType can lead to buffer overflow.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5567

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. CVSSv3.1 8.8 (HIGH)

CWE: CWE-120, CWE-119 · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-05 13:17Z · HIGH

CVE-2026-5566 — UTT: Performing a manipulation of the argument NatBind results in buffer overflow.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5566

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBind results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. CVSSv3.1 8.8 (HIGH) · EPSS 14th percentile

CWE: CWE-120, CWE-119 · Vendor: Utt · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-05 08:16Z · HIGH

CVE-2026-5550 — Tenda: The manipulation leads to stack-based buffer overflow.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5550

A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected. CVSSv3.1 8.8 (HIGH)

CWE: CWE-121, CWE-119 · Vendor: Tenda · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-05 08:16Z · HIGH

CVE-2026-5548 — Tenda: Performing a manipulation of the argument sys.userpass results in stack-based buffer overflow.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5548

A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this vulnerability is the function fromSysToolChangePwd of the file /bin/httpd. Performing a manipulation of the argument sys.userpass results in stack-based buffer overflow. The attack can be initiated remotely. CVSSv3.1 8.8 (HIGH)

CWE: CWE-121, CWE-119 · Vendor: Tenda · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-05 06:16Z · HIGH

CVE-2026-5544 — The manipulation of the argument Profile results in stack-based buffer overflow.

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-5544

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. CVSSv3.1 8.8 (HIGH) · EPSS 14th percentile

CWE: CWE-121, CWE-119 · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-04 14:16Z · HIGH

CVE-2018-25255 — Strike: 10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2018-25255

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that overflows the buffer, overwrites the SEH chain, and executes shellcode when the file is opened in the application. CVSSv3.1 8.4 (HIGH)

CWE: CWE-787 · Vendor: Strike · Type: Vulnerability
CVSS v3.1: 8.4 · Score: 92
2026-04-04 14:16Z · CRIT

CVE-2018-25254 — NICO: NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2018-25254

NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode. CVSSv3.1 9.8 (CRITICAL)

CWE: CWE-787 · Vendor: Nico · Type: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-04 14:16Z · HIGH

CVE-2018-25251 — Snes9K: 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2018-25251

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu to achieve code execution through SEH chain exploitation. CVSSv3.1 8.4 (HIGH)

CWE: CWE-787 · Vendor: Snes9k · Type: Vulnerability
CVSS v3.1: 8.4 · Score: 92
2026-04-04 14:16Z · CRIT

CVE-2016-20052 — Snewscms Snews: CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2016-20052

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by accessing the uploaded file path to achieve remote code execution. CVSSv3.1 9.8 (CRITICAL)

CWE: CWE-434 · Vendor: Snewscms, Snews · Type: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-04 12:16Z · HIGH

CVE-2026-3666 — Forum: The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-3666

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and above, to delete arbitrary files on the server by embedding a crafted path traversal string in a forum post body and then deleting the post. CVSSv3.1 8.8 (HIGH) · EPSS 10th percentile

CWE: CWE-22 · Vendor: Forum · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-04 08:16Z · HIGH

CVE-2026-4896 — WCFM: The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-4896

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via multiple AJAX actions including `wcfm_modify_order_status`, `delete_wcfm_article`, `delete_wcfm_product`, and the article management controller due to missing validation on user-supplied object IDs. This makes it possible for authenticated attackers, with Vendor- CVSSv3.1 8.1 (HIGH) · EPSS 2nd percentile

CWE: CWE-639 · Vendor: Wcfm · Type: Vulnerability
CVSS v3.1: 8.1 · Score: 91
2026-04-04 01:16Z · CRIT

CVE-2026-35616 — Fortinet Forticlientems: A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-35616

An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. CVSSv3.1 9.8 (CRITICAL)

CWE: CWE-284 · Vendor: Fortinet · Type: Vulnerability
CVSS v3.1: 9.8 · Score: 99
2026-04-04 01:16Z · HIGH

CVE-2026-34780 — Electronjs Electron: From versions 39.0.0-alpha.1 to before 39.8.0, 40.0.0-alpha.1 to before 40.7.0, and 41.0.0-alpha.1 to before

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34780

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 39.0.0-alpha.1 to before 39.8.0, 40.0.0-alpha.1 to before 40.7.0, and 41.0.0-alpha.1 to before 41.0.0-beta.8, apps that pass VideoFrame objects (from the WebCodecs API) across the contextBridge are vulnerable to a context isolation bypass. An attacker who can execute JavaScript in the main world (for example, via XSS) can use a bridged VideoFrame to gain acces CVSSv3.1 8.3 (HIGH)

CWE: CWE-668, CWE-1188 · Vendor: Electronjs, Electron · Type: Vulnerability
CVSS v3.1: 8.3 · Score: 92
2026-04-04 00:16Z · HIGH

CVE-2026-34955 — Praison Praisonai: Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORK_ISOLATED) calls subprocess.run() with

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34955

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, SubprocessSandbox in all modes (BASIC, STRICT, NETWORK_ISOLATED) calls subprocess.run() with shell=True and relies solely on string-pattern matching to block dangerous commands. The blocklist does not include sh or bash as standalone executables, allowing trivial sandbox escape in STRICT mode via sh -c '<command>'. This issue has been patched in version 4.5.97. CVSSv3.1 8.8 (HIGH)

CWE: CWE-78 · Vendor: Praison, Praisonai · Type: Vulnerability
CVSS v3.1: 8.8 · Score: 94
2026-04-04 00:16Z · HIGH

CVE-2026-34774 — Electron: Prior to versions 39.8.1, 40.7.0, and 41.0.0, apps that use offscreen rendering and allow

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34774

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 39.8.1, 40.7.0, and 41.0.0, apps that use offscreen rendering and allow child windows via window.open() may be vulnerable to a use-after-free. If the parent offscreen WebContents is destroyed while a child window remains open, subsequent paint frames on the child dereference freed memory, which may lead to a crash or memory corruption. Apps are only affect CVSSv3.1 8.1 (HIGH)

CWE: CWE-416 · Vendor: Electron · Type: Vulnerability
CVSS v3.1: 8.1 · Score: 91
2026-04-03 23:17Z · HIGH

CVE-2026-34954 — Praison Praisonaiagents: Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no

Source: NVD (auto-promoted CVEs) · nvd.nist.gov · CVE-2026-34954

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95. CVSSv3.1 8.6 (HIGH)

CWE: CWE-918 · Vendor: Praison, Praisonai · Type: Vulnerability
CVSS v3.1: 8.6 · Score: 93