CVE-2026-3076 - Apache Web Server Authentication Bypass Vulnerability
CVE ID : CVE-2026-3076
Published : March 3, 2026, 11:15 p.m. | 31 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2363. Reason: This candidate is a reservation duplicate of CVE-2026-2363. Notes: All CVE users should reference CVE-2026-2363 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3076
Published : March 3, 2026, 11:15 p.m. | 31 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2363. Reason: This candidate is a reservation duplicate of CVE-2026-2363. Notes: All CVE users should reference CVE-2026-2363 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3266 - Improper access control vulnerability has been discovered in OpenText™ Filr.
CVE ID : CVE-2026-3266
Published : March 3, 2026, 11:15 p.m. | 31 minutes ago
Description : Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3266
Published : March 3, 2026, 11:15 p.m. | 31 minutes ago
Description : Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1273 - PostX <= 5.0.8 - Authenticated (Administrator+) Server-Side Request Forgery via REST API Endpoints
CVE ID : CVE-2026-1273
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.8 via the `/ultp/v3/starter_dummy_post/` and `/ultp/v3/starter_import_content/` REST API endpoints. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-1273
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.8 via the `/ultp/v3/starter_dummy_post/` and `/ultp/v3/starter_import_content/` REST API endpoints. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1651 - Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter
CVE ID : CVE-2026-1651
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the 'workflow_ids' parameter in all versions up to, and including, 5.9.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-1651
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the 'workflow_ids' parameter in all versions up to, and including, 5.9.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1945 - WPBookit <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters
CVE ID : CVE-2026-1945
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpb_user_name' and 'wpb_user_email' parameters in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-1945
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpb_user_name' and 'wpb_user_email' parameters in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1980 - WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure
CVE ID : CVE-2026-1980
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'get_customer_list' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information including names, emails, phone numbers, dates of birth, and gender.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-1980
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'get_customer_list' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information including names, emails, phone numbers, dates of birth, and gender.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2289 - Taskbuilder <= 5.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Block Emails' Field
CVE ID : CVE-2026-2289
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2289
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2292 - Morkva UA Shipping <= 1.7.9 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Weight, kg' Field
CVE ID : CVE-2026-2292
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Morkva UA Shipping plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2292
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : The Morkva UA Shipping plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3244 - Concrete CMS below version 9.4.8 is vulnerable to Stored XSS in Search Results via Page Names
CVE ID : CVE-2026-3244
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : In Concrete CMS below version 9.4.8, A stored cross-site scripting (XSS) vulnerability exists in the search block where page names and content are rendered without proper HTML encoding in search results. This allows authenticated, rogue administrators to inject malicious JavaScript through page names that executes when users search for and view those pages in search results. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks zolpak for reporting
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3244
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : In Concrete CMS below version 9.4.8, A stored cross-site scripting (XSS) vulnerability exists in the search block where page names and content are rendered without proper HTML encoding in search results. This allows authenticated, rogue administrators to inject malicious JavaScript through page names that executes when users search for and view those pages in search results. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks zolpak for reporting
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3452 - Concrete CMS below 9.4.8 is vulnerable to stored deserialization leading to RCE in the Express Entry List block.
CVE ID : CVE-2026-3452
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : Concrete CMS below version 9.4.8 is vulnerable to Remote Code Execution by stored PHP object injection into the Express Entry List block via the columns parameter. An authenticated administrator can store attacker-controlled serialized data in block configuration fields that are later passed to unserialize() without class restrictions or integrity checks. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 8.9 with vector CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H. Thanks YJK ( @YJK0805 https://hackerone.com/yjk0805 ) of ZUSO ART https://zuso.ai/ for reporting.
Severity: 8.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3452
Published : March 4, 2026, 2:15 a.m. | 1 hour, 32 minutes ago
Description : Concrete CMS below version 9.4.8 is vulnerable to Remote Code Execution by stored PHP object injection into the Express Entry List block via the columns parameter. An authenticated administrator can store attacker-controlled serialized data in block configuration fields that are later passed to unserialize() without class restrictions or integrity checks. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 8.9 with vector CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H. Thanks YJK ( @YJK0805 https://hackerone.com/yjk0805 ) of ZUSO ART https://zuso.ai/ for reporting.
Severity: 8.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2994 - Concrete CMS below 9.4.8 is vulnerable to CSRF by a Rogue Admin using the Anti-Spam Allowlist Group
CVE ID : CVE-2026-2994
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration via group_id parameter which can leads to a security bypass since changes are saved prior to checking the CSRF token. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks z3rco for reporting
Severity: 2.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2994
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration via group_id parameter which can leads to a security bypass since changes are saved prior to checking the CSRF token. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks z3rco for reporting
Severity: 2.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3240 - Concrete CMS below 9.4.8 is vulnerable to Stored XSS via Legacy form
CVE ID : CVE-2026-3240
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : In Concrete CMS below version 9.4.8, a user with permission to edit a page with element Legacy form can perform a stored XSS attack towards high-privilege accounts via the Question field. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Thanks minhnn42, namdi and quanlna2 from VCSLab-Viettel Cyber Security for reporting.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3240
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : In Concrete CMS below version 9.4.8, a user with permission to edit a page with element Legacy form can perform a stored XSS attack towards high-privilege accounts via the Question field. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Thanks minhnn42, namdi and quanlna2 from VCSLab-Viettel Cyber Security for reporting.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3241 - Concrete CMS below version 9.4.8 is vulnerable to a stored cross-site scripting (XSS) in the "Legacy Form" block.
CVE ID : CVE-2026-3241
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in the "Legacy Form" block. An authenticated user with permissions to create or edit forms (e.g., a rogue administrator) can inject a persistent JavaScript payload into the options of a multiple-choice question (Checkbox List, Radio Buttons, or Select Box). This payload is then executed in the browser of any user who views the page containing the form. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks M3dium for reporting.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3241
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in the "Legacy Form" block. An authenticated user with permissions to create or edit forms (e.g., a rogue administrator) can inject a persistent JavaScript payload into the options of a multiple-choice question (Checkbox List, Radio Buttons, or Select Box). This payload is then executed in the browser of any user who views the page containing the form. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks M3dium for reporting.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3242 - Concrete CMS below 9.4.8 is vulnerable to Stored XSS in the Switch Language block
CVE ID : CVE-2026-3242
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : In Concrete CMS below version 9.4.8, a rogue administrator can add stored XSS via the Switch Language block. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks M3dium for reporting.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-3242
Published : March 4, 2026, 3:16 a.m. | 32 minutes ago
Description : In Concrete CMS below version 9.4.8, a rogue administrator can add stored XSS via the Switch Language block. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks M3dium for reporting.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2025 - Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure
CVE ID : CVE-2026-2025
Published : March 4, 2026, 6:16 a.m. | 1 hour, 33 minutes ago
Description : The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2025
Published : March 4, 2026, 6:16 a.m. | 1 hour, 33 minutes ago
Description : The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28771 - IDC SFX Series SuperFlex Satellite Receiver Web Management Interface Reflected Cross-Site Scripting (XSS)
CVE ID : CVE-2026-28771
Published : March 4, 2026, 7:11 a.m. | 37 minutes ago
Description : A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The application fails to adequately sanitize user-supplied input provided via the `cat` parameter before reflecting it in the HTTP response, allowing a remote attacker to execute arbitrary HTML or JavaScript in the victim's browser context.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28771
Published : March 4, 2026, 7:11 a.m. | 37 minutes ago
Description : A Reflected Cross-Site Scripting (XSS) vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The application fails to adequately sanitize user-supplied input provided via the `cat` parameter before reflecting it in the HTTP response, allowing a remote attacker to execute arbitrary HTML or JavaScript in the victim's browser context.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28772 - Reflected XSS in Logging Index endpoint
CVE ID : CVE-2026-28772
Published : March 4, 2026, 7:12 a.m. | 36 minutes ago
Description : A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is triggered by sending a crafted payload through the `submitType` parameter, which is reflected directly into the DOM without proper escaping.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28772
Published : March 4, 2026, 7:12 a.m. | 36 minutes ago
Description : A Reflected Cross-Site Scripting (XSS) vulnerability in the /IDC_Logging/index.cgi endpoint of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is triggered by sending a crafted payload through the `submitType` parameter, which is reflected directly into the DOM without proper escaping.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28769 - IDC SFX Series SuperFlex Satellite Receiver Perl Path Traversal Vulnerability
CVE ID : CVE-2026-28769
Published : March 4, 2026, 7:16 a.m. | 33 minutes ago
Description : A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the `file` parameter to traverse directories and enumerate arbitrary files on the underlying filesystem. Due to the insecure perl file path handling function in use, a authenticated actor is able to preform directory traversal, with the backup endpoint confirming a file exists by indicating that a backup operation was successful or when using the path of a non existent file, the returned status is failed.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28769
Published : March 4, 2026, 7:16 a.m. | 33 minutes ago
Description : A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the `file` parameter to traverse directories and enumerate arbitrary files on the underlying filesystem. Due to the insecure perl file path handling function in use, a authenticated actor is able to preform directory traversal, with the backup endpoint confirming a file exists by indicating that a backup operation was successful or when using the path of a non existent file, the returned status is failed.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28770 - IDC SFX Series SuperFlex Satellite Receiver XML Injection Vulnerability
CVE ID : CVE-2026-28770
Published : March 4, 2026, 7:16 a.m. | 33 minutes ago
Description : Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the `file` parameter directly into a CDATA block, allowing an authenticated attacker to break out of the tags and inject arbitrary XML elements. An actor is confirmed to be able to turn this into an reflected XSS but further abuse such as XXE may be possible
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-28770
Published : March 4, 2026, 7:16 a.m. | 33 minutes ago
Description : Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the `file` parameter directly into a CDATA block, allowing an authenticated attacker to break out of the tags and inject arbitrary XML elements. An actor is confirmed to be able to turn this into an reflected XSS but further abuse such as XXE may be possible
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2363 - WP-Members Membership Plugin <= 3.5.5.1 - Authenticated (Contributor+) SQL Injection via 'order_by' Shortcode Attribute
CVE ID : CVE-2026-2363
Published : March 4, 2026, 7:16 a.m. | 33 minutes ago
Description : The WP-Members Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'order_by' attribute of the [wpmem_user_membership_posts] shortcode in all versions up to, and including, 3.5.5.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2363
Published : March 4, 2026, 7:16 a.m. | 33 minutes ago
Description : The WP-Members Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'order_by' attribute of the [wpmem_user_membership_posts] shortcode in all versions up to, and including, 3.5.5.1. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...