CVE-2026-55742 - Cotonti CSRF in admin.rights.php allows privilege escalation
CVE ID :CVE-2026-55742
Published : June 18, 2026, 6:05 a.m. | 4 hours, 2 minutes ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action ('a=update') modifies group access rights (including via cot_auth_add_group) without calling cot_check_xg() to validate the anti-CSRF token. A remote attacker who lures an authenticated administrator into visiting a malicious page can force the browser to submit a forged request that grants elevated permissions to an attacker-controlled group, escalating privileges to administrator. Because Cotonti administrators can modify templates and configuration, this can be further leveraged toward remote code execution.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-55742
Published : June 18, 2026, 6:05 a.m. | 4 hours, 2 minutes ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action ('a=update') modifies group access rights (including via cot_auth_add_group) without calling cot_check_xg() to validate the anti-CSRF token. A remote attacker who lures an authenticated administrator into visiting a malicious page can force the browser to submit a forged request that grants elevated permissions to an attacker-controlled group, escalating privileges to administrator. Because Cotonti administrators can modify templates and configuration, this can be further leveraged toward remote code execution.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-55744 - Cotonti CSRF in PFS allows forced arbitrary file upload
CVE ID :CVE-2026-55744
Published : June 18, 2026, 6:06 a.m. | 4 hours, 1 minute ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.main.php, the file upload action ('a=upload') processes uploaded files without calling cot_check_xg() to validate the anti-CSRF token, even though sibling actions such as 'delete' (line 272) do. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged multipart request that uploads arbitrary files into the victim's PFS storage.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-55744
Published : June 18, 2026, 6:06 a.m. | 4 hours, 1 minute ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.main.php, the file upload action ('a=upload') processes uploaded files without calling cot_check_xg() to validate the anti-CSRF token, even though sibling actions such as 'delete' (line 272) do. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged multipart request that uploads arbitrary files into the victim's PFS storage.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-55745 - Cotonti CSRF in PFS folder edit allows unauthorized folder modification
CVE ID :CVE-2026-55745
Published : June 18, 2026, 6:07 a.m. | 4 hours, 1 minute ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.editfolder.php, the folder update action ('a=update') updates folder metadata (title, description, public/gallery flags) without calling cot_check_xg() to validate the anti-CSRF token. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged request that modifies the victim's folder metadata, including making a private folder public.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-55745
Published : June 18, 2026, 6:07 a.m. | 4 hours, 1 minute ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.editfolder.php, the folder update action ('a=update') updates folder metadata (title, description, public/gallery flags) without calling cot_check_xg() to validate the anti-CSRF token. A remote attacker who lures an authenticated user into visiting a malicious page can force the browser to submit a forged request that modifies the victim's folder metadata, including making a private folder public.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28573 - Android Persistent Denial of Service
CVE ID :CVE-2026-28573
Published : June 18, 2026, 6:29 a.m. | 3 hours, 38 minutes ago
Description :In AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-28573
Published : June 18, 2026, 6:29 a.m. | 3 hours, 38 minutes ago
Description :In AndroidManifest.xml, there is a possible persistent denial of service due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-55746 - Cotonti stored XSS via PFS folder title
CVE ID :CVE-2026-55746
Published : June 18, 2026, 6:46 a.m. | 3 hours, 21 minutes ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to stored Cross-Site Scripting in the Personal File Storage (PFS) module. A folder title (pff_title) is imported with the 'TXT' filter, which does not strip or encode HTML (the tag check in cot_import is disabled), so an authenticated user can store HTML/JavaScript in a folder title. In modules/pfs/inc/pfs.main.php the title is assigned to the template variable PFF_ROW_TITLE without htmlspecialchars(), and modules/pfs/tpl/pfs.tpl outputs {PFF_ROW_TITLE} unescaped. When the folder listing is viewed (including by other users for public folders), the injected script executes in the victim's browser.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-55746
Published : June 18, 2026, 6:46 a.m. | 3 hours, 21 minutes ago
Description :Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to stored Cross-Site Scripting in the Personal File Storage (PFS) module. A folder title (pff_title) is imported with the 'TXT' filter, which does not strip or encode HTML (the tag check in cot_import is disabled), so an authenticated user can store HTML/JavaScript in a folder title. In modules/pfs/inc/pfs.main.php the title is assigned to the template variable PFF_ROW_TITLE without htmlspecialchars(), and modules/pfs/tpl/pfs.tpl outputs {PFF_ROW_TITLE} unescaped. When the folder listing is viewed (including by other users for public folders), the injected script executes in the victim's browser.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12136 - SysBasics Customize My Account for WooCommerce <= 4.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-12136
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The Customize My Account For Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sysbasics_user_avatar' shortcode in versions up to, and including, 4.3.6. This is due to insufficient input sanitization and output escaping on user supplied attributes (min_height, min_width, max_height, max_width) in the wcmamtx_get_avatar_default() function, which are concatenated unescaped into the get_avatar() extra_attr style attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12136
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The Customize My Account For Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sysbasics_user_avatar' shortcode in versions up to, and including, 4.3.6. This is due to insufficient input sanitization and output escaping on user supplied attributes (min_height, min_width, max_height, max_width) in the wcmamtx_get_avatar_default() function, which are concatenated unescaped into the get_avatar() extra_attr style attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12102 - UsersWP <= 1.2.63 - Insecure Direct Object Reference to Authenticated (Editor+) Arbitrary User Avatar/Banner Reset via 'user_id' Parameter
CVE ID :CVE-2026-12102
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the 'user_id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with editor-level access and above, to reset and permanently delete the avatar or banner image of any arbitrary user, including administrators, by clearing their avatar_thumb or banner_thumb metadata in the uwp_usermeta table.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12102
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63 via the 'user_id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with editor-level access and above, to reset and permanently delete the avatar or banner image of any arbitrary user, including administrators, by clearing their avatar_thumb or banner_thumb metadata in the uwp_usermeta table.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12137 - SysBasics Customize My Account for WooCommerce <= 4.3.6 - Reflected Cross-Site Scripting via 'tab' Parameter
CVE ID :CVE-2026-12137
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 4.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Because the vulnerable plugin_options_page() function is only rendered within the WordPress admin dashboard, successful exploitation requires the targeted victim to be logged in with Shop Manager-level access or higher.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12137
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The SysBasics Customize My Account for WooCommerce – Dashboard, Endpoints, Avatar & Menu Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 4.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Because the vulnerable plugin_options_page() function is only rendered within the WordPress admin dashboard, successful exploitation requires the targeted victim to be logged in with Shop Manager-level access or higher.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12098 - PowerPress Podcasting plugin by Blubrry <= 11.16.8 - Authenticated (Author+) Stored Cross-Site Scripting via 'embed' Episode Meta Field
CVE ID :CVE-2026-12098
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The embed value is stored via update_post_meta() rather than through WordPress core's post content pipeline, meaning kses-on-save filtering is never applied — even for Author-role users who would otherwise lack unfiltered_html — making this path unprotected by WordPress's standard role-based XSS mitigations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12098
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'embed' Episode Meta Field in all versions up to, and including, 11.16.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The embed value is stored via update_post_meta() rather than through WordPress core's post content pipeline, meaning kses-on-save filtering is never applied — even for Author-role users who would otherwise lack unfiltered_html — making this path unprotected by WordPress's standard role-based XSS mitigations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-11395 - CF7 to Webhook <= 5.0.0 - Unauthenticated Server-Side Request Forgery via CF7 Field Placeholder in Webhook URL Host
CVE ID :CVE-2026-11395
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pull_the_trigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires that the admin-configured webhook URL contains a Contact Form 7 field placeholder in the host segment of the URL, and that the affected form is publicly accessible.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-11395
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pull_the_trigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires that the admin-configured webhook URL contains a Contact Form 7 field placeholder in the host segment of the URL, and that the affected form is publicly accessible.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-12111 - Appointment Booking Calendar <= 1.4.01 - Authenticated (Contributor+) Sensitive Information Exposure via 'id' Parameter
CVE ID :CVE-2026-12111
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing per-calendar ownership checks in the cpabc_appointments_calendar_load2() function, which is reachable via the cpabc_calendar_load2=1 query parameter in wp-admin and only checks is_admin() && current_user_can('edit_posts'), a capability available to Contributor-level users and above. This makes it possible for authenticated attackers with Contributor-level access and above to supply an arbitrary calendar ID via the id parameter and extract customer booking information, including email addresses, names, phone numbers, booking times, and comments, from any calendar managed by the plugin.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-12111
Published : June 18, 2026, 6:50 a.m. | 3 hours, 18 minutes ago
Description :The Appointment Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.4.01. This is due to insufficient authorization and missing per-calendar ownership checks in the cpabc_appointments_calendar_load2() function, which is reachable via the cpabc_calendar_load2=1 query parameter in wp-admin and only checks is_admin() && current_user_can('edit_posts'), a capability available to Contributor-level users and above. This makes it possible for authenticated attackers with Contributor-level access and above to supply an arbitrary calendar ID via the id parameter and extract customer booking information, including email addresses, names, phone numbers, booking times, and comments, from any calendar managed by the plugin.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
❤1
CVE-2026-8039 - Fancy Testimonials <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting
CVE ID :CVE-2026-8039
Published : June 18, 2026, 7:48 a.m. | 2 hours, 20 minutes ago
Description :The Fancy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'author' shortcode attribute in the 'testimonial' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8039
Published : June 18, 2026, 7:48 a.m. | 2 hours, 20 minutes ago
Description :The Fancy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'author' shortcode attribute in the 'testimonial' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2021 - Slideshow Gallery LITE <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'alwaysauto' Shortcode Attribute
CVE ID :CVE-2026-2021
Published : June 18, 2026, 8:31 a.m. | 1 hour, 36 minutes ago
Description :The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-2021
Published : June 18, 2026, 8:31 a.m. | 1 hour, 36 minutes ago
Description :The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10560 - Hardcoded cloud credentials in Worksnaps client application binaries expose production cloud resources
CVE ID :CVE-2025-10560
Published : June 18, 2026, 8:32 a.m. | 1 hour, 36 minutes ago
Description :Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials authenticated as the AWS account root identity and provided access to Worksnaps production cloud resources, including S3 buckets containing sensitive data such as screenshots of user desktops. An attacker with access to the affected client binaries could extract or recover the credentials and use them to access affected Worksnaps cloud resources.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2025-10560
Published : June 18, 2026, 8:32 a.m. | 1 hour, 36 minutes ago
Description :Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials authenticated as the AWS account root identity and provided access to Worksnaps production cloud resources, including S3 buckets containing sensitive data such as screenshots of user desktops. An attacker with access to the affected client binaries could extract or recover the credentials and use them to access affected Worksnaps cloud resources.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-50643 - Out‑of‑Bounds Read in 8cc
CVE ID :CVE-2026-50643
Published : June 18, 2026, 8:58 a.m. | 1 hour, 10 minutes ago
Description :8cc is vulnerable to an Out‑of‑Bounds Read due to improper handling of #line directives and GNU linemarkers. The compiler accepts attacker-controlled filename and line number metadata and later uses it without validation when accessing source line arrays. By supplying invalid or oversized line numbers, an attacker can trigger out-of-bounds memory access and a crash. Maintainer of this project was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Version corresponding to the commit b480958 was tested and confirmed as vulnerable, other versions were not tested but might also be vulnerable.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-50643
Published : June 18, 2026, 8:58 a.m. | 1 hour, 10 minutes ago
Description :8cc is vulnerable to an Out‑of‑Bounds Read due to improper handling of #line directives and GNU linemarkers. The compiler accepts attacker-controlled filename and line number metadata and later uses it without validation when accessing source line arrays. By supplying invalid or oversized line numbers, an attacker can trigger out-of-bounds memory access and a crash. Maintainer of this project was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Version corresponding to the commit b480958 was tested and confirmed as vulnerable, other versions were not tested but might also be vulnerable.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8811 - Path traversal in PDF generation module
CVE ID :CVE-2026-8811
Published : June 18, 2026, 9:05 a.m. | 1 hour, 2 minutes ago
Description :SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8811
Published : June 18, 2026, 9:05 a.m. | 1 hour, 2 minutes ago
Description :SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8024 - Deserialization vulnerability in ibaPDA and ibaDatCoordinator
CVE ID :CVE-2026-8024
Published : June 18, 2026, 9:43 a.m. | 4 hours, 26 minutes ago
Description :A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8024
Published : June 18, 2026, 9:43 a.m. | 4 hours, 26 minutes ago
Description :A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-56007 - WordPress Ocean Product Sharing plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
CVE ID :CVE-2026-56007
Published : June 18, 2026, 9:44 a.m. | 4 hours, 24 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-56007
Published : June 18, 2026, 9:44 a.m. | 4 hours, 24 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44942 - libzypp .repo files can have an optional path which can lead to path traversal attacks
CVE ID :CVE-2026-44942
Published : June 18, 2026, 9:57 a.m. | 4 hours, 12 minutes ago
Description :A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44942
Published : June 18, 2026, 9:57 a.m. | 4 hours, 12 minutes ago
Description :A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-54419 - PIAF-HMS multiple unauthenticated SQL injection vulnerabilities via mysql_query
CVE ID :CVE-2026-54419
Published : June 18, 2026, 10:21 a.m. | 3 hours, 47 minutes ago
Description :claudiopizzillo PIAF-HMS (PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5) contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters directly into deprecated mysql_query() calls via string concatenation, without sanitization, escaping, or parameterization. Affected sinks include rooms.php (DELETE FROM Rooms WHERE ID = $_GET['ID'], unquoted numeric context), checkuser.php (WHERE Ext = '$_GET["Ext"]'), ec.php (date/extension parameters in a WHERE), checkin.php and wakeup.php ($_POST values into INSERT statements), bills.php ($_POST fields built into a WHERE clause), and rates.php and checkout.php. A remote, unauthenticated attacker can inject arbitrary SQL to read, modify, or delete arbitrary records in the backing database (e.g. rooms.php?ID=1 OR 1=1 deletes all room records). Note: queries run via the legacy mysql_* extension, which does not permit stacked statements.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-54419
Published : June 18, 2026, 10:21 a.m. | 3 hours, 47 minutes ago
Description :claudiopizzillo PIAF-HMS (PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5) contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters directly into deprecated mysql_query() calls via string concatenation, without sanitization, escaping, or parameterization. Affected sinks include rooms.php (DELETE FROM Rooms WHERE ID = $_GET['ID'], unquoted numeric context), checkuser.php (WHERE Ext = '$_GET["Ext"]'), ec.php (date/extension parameters in a WHERE), checkin.php and wakeup.php ($_POST values into INSERT statements), bills.php ($_POST fields built into a WHERE clause), and rates.php and checkout.php. A remote, unauthenticated attacker can inject arbitrary SQL to read, modify, or delete arbitrary records in the backing database (e.g. rooms.php?ID=1 OR 1=1 deletes all room records). Note: queries run via the legacy mysql_* extension, which does not permit stacked statements.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-56009 - WordPress Bricksable for Bricks Builder plugin <= 1.6.83 - Cross Site Scripting (XSS) vulnerability
CVE ID :CVE-2026-56009
Published : June 18, 2026, 10:43 a.m. | 3 hours, 26 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-56009
Published : June 18, 2026, 10:43 a.m. | 3 hours, 26 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricksable for Bricks Builder allows Stored XSS. This issue affects Bricksable for Bricks Builder: from n/a through 1.6.83.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...