π¨ CVE-2026-29597
DDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive configuration files by force browsing the β/Admin/file_manager/file_details.aspβ endpoint and manipulating the βfileβ parameter. By referencing specific files (e.g., cm3.xml), the attacker can retrieve system administrator credentials, SMTP settings, database credentials, and other confidential information. The exposure of this information can lead to full administrative access to the CMS, unauthorized access to email services, compromise of backend databases, lateral movement within the network, and long-term persistence by an attacker. This access control bypass poses a critical risk of account takeover, privilege escalation, and systemic compromise of the affected application and its associated infrastructure.
π@cveNotify
DDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive configuration files by force browsing the β/Admin/file_manager/file_details.aspβ endpoint and manipulating the βfileβ parameter. By referencing specific files (e.g., cm3.xml), the attacker can retrieve system administrator credentials, SMTP settings, database credentials, and other confidential information. The exposure of this information can lead to full administrative access to the CMS, unauthorized access to email services, compromise of backend databases, lateral movement within the network, and long-term persistence by an attacker. This access control bypass poses a critical risk of account takeover, privilege escalation, and systemic compromise of the affected application and its associated infrastructure.
π@cveNotify
GitHub
GitHub - padayali-JD/CVE-2026-29597
Contribute to padayali-JD/CVE-2026-29597 development by creating an account on GitHub.
π¨ CVE-2026-29598
Multiple stored cross-site scripting (XSS) vulnerabilities in the submit_add_user.asp endpoint of DDSN Interactive Acora CMS v10.7.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name and Last Name parameters.
π@cveNotify
Multiple stored cross-site scripting (XSS) vulnerabilities in the submit_add_user.asp endpoint of DDSN Interactive Acora CMS v10.7.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name and Last Name parameters.
π@cveNotify
GitHub
GitHub - padayali-JD/CVE-2026-29598
Contribute to padayali-JD/CVE-2026-29598 development by creating an account on GitHub.
π¨ CVE-2026-30603
An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows attackers to gain root access, install backdoors, and exfiltrate data via supplying a crafted iu.sh script contained in an SD card.
π@cveNotify
An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows attackers to gain root access, install backdoors, and exfiltrate data via supplying a crafted iu.sh script contained in an SD card.
π@cveNotify
GitHub
Research/CVE-2026-30603/CVE-2026-30603.md at main Β· 0xghostrush/Research
Contains CVEs that I have discovered. Contribute to 0xghostrush/Research development by creating an account on GitHub.
π¨ CVE-2026-30460
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
π@cveNotify
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
π@cveNotify
GitHub
GitHub - daylightstudio/FUEL-CMS: A CodeIgniter Content Management System
A CodeIgniter Content Management System. Contribute to daylightstudio/FUEL-CMS development by creating an account on GitHub.
π¨ CVE-2025-63743
Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is executed whenever "Activity Report" or modified profile is viewed directly by any user with sufficient permissions. Successful exploitation of this issue requires that the profile's "Display Name" is not set. The vulnerability is fixed in v8.3.2.
π@cveNotify
Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is executed whenever "Activity Report" or modified profile is viewed directly by any user with sufficient permissions. Successful exploitation of this issue requires that the profile's "Display Name" is not set. The vulnerability is fixed in v8.3.2.
π@cveNotify
GitHub
Updated `->present()->fullName()` to `->display_name` Β· grokability/snipe-it@b6d397b
Signed-off-by: snipe <snipe@snipe.net>
π¨ CVE-2026-30461
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.
π@cveNotify
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.
π@cveNotify
GitHub
FUEL-CMS/fuel/modules/fuel/controllers/Installer.php at master Β· daylightstudio/FUEL-CMS
A CodeIgniter Content Management System. Contribute to daylightstudio/FUEL-CMS development by creating an account on GitHub.
π¨ CVE-2026-30266
Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file
π@cveNotify
Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file
π@cveNotify
GitHub
vulnerability-research/CVE-2026-30266 at main Β· uncle-hash/vulnerability-research
This repository contains information on all of the CVEs I found. - uncle-hash/vulnerability-research
π¨ CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
π@cveNotify
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
π@cveNotify
Gist
CVE-2026-30352 - AutoForge Remote Code Execution via crafted command parameter
CVE-2026-30352 - AutoForge Remote Code Execution via crafted command parameter - gist:e3bdee6c022b36d5ecb98fbf61284931
π¨ CVE-2026-30462
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal.
π@cveNotify
A path traversal vulnerability in the Blocks module of Daylight Studio FuelCMS v1.5.2 allows attackers to execute a directory traversal.
π@cveNotify
GitHub
FUEL-CMS/fuel/modules/fuel/controllers/Blocks.php at master Β· daylightstudio/FUEL-CMS
A CodeIgniter Content Management System. Contribute to daylightstudio/FUEL-CMS development by creating an account on GitHub.
π¨ CVE-2026-38934
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
π@cveNotify
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
π@cveNotify
GitHub
diskoverdata-cve-writeups/CVE-2026-38934 at main Β· VadlaReddySai/diskoverdata-cve-writeups
Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis. - VadlaReddySai/dis...
π¨ CVE-2026-38935
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter
π@cveNotify
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter
π@cveNotify
GitHub
diskoverdata-cve-writeups/CVE-2026-38935 at main Β· VadlaReddySai/diskoverdata-cve-writeups
Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis. - VadlaReddySai/dis...
π¨ CVE-2026-38936
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
π@cveNotify
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
π@cveNotify
GitHub
diskoverdata-cve-writeups/CVE-2026-38936 at main Β· VadlaReddySai/diskoverdata-cve-writeups
Multiple CVEs (CVE-2026-38934, CVE-2026-38935, CVE-2026-38936) discovered in diskover-community including CSRF and XSS vulnerabilities with proof-of-concept and impact analysis. - VadlaReddySai/dis...
π¨ CVE-2025-60889
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
π@cveNotify
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
π@cveNotify
Gist
cvd_hpx_20250902.md
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2026-36356
The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint.
π@cveNotify
The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint.
π@cveNotify
GitHub
GitHub - totekuh/CVE-2026-36356: CVE-2026-36356: MeiG Smart FORGE_SLT711 GoAhead - Unauthenticated OS Command Injection (RCE asβ¦
CVE-2026-36356: MeiG Smart FORGE_SLT711 GoAhead - Unauthenticated OS Command Injection (RCE as root) - totekuh/CVE-2026-36356
π¨ CVE-2023-24215
Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request.
π@cveNotify
Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request.
π@cveNotify
GitHub
cve-disclosures/00_-_CVE-2023-24215.md at main Β· sql3t0/cve-disclosures
Collection of CVEs and security advisories discovered and responsibly disclosed by Sql3t0, including technical details, impact assessment, and mitigation guidance. - sql3t0/cve-disclosures
π¨ CVE-2026-36239
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality
π@cveNotify
PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality
π@cveNotify
GitHub
GitHub - TazmiDev/CVE-2026-36239: CVE-2026-36239 | Authenticated RCE in PbootCMS β€3.2.12
CVE-2026-36239 | Authenticated RCE in PbootCMS β€3.2.12 - TazmiDev/CVE-2026-36239
π¨ CVE-2026-38930
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter.
π@cveNotify
OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter.
π@cveNotify
π¨ CVE-2026-38931
A stored cross-site scripting (XSS) vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff (Latest as of 2026-02-27) via injecting a crafted payload.
π@cveNotify
A stored cross-site scripting (XSS) vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff (Latest as of 2026-02-27) via injecting a crafted payload.
π@cveNotify
π¨ CVE-2026-36174
GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface.
π@cveNotify
GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface.
π@cveNotify
GitHub
IoT-Vulnerability-Research-Public/GNCC-GP5-T23/README.md at main Β· BadChemical/IoT-Vulnerability-Research-Public
Independent IoT security research, vulnerability disclosures, and PoCs focusing on firmware analysis, hardware interfaces, and cryptographic flaws. - BadChemical/IoT-Vulnerability-Research-Public
π¨ CVE-2026-36175
An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments.
π@cveNotify
An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments.
π@cveNotify
GitHub
IoT-Vulnerability-Research-Public/GNCC-GP5-T23/README.md at main Β· BadChemical/IoT-Vulnerability-Research-Public
Independent IoT security research, vulnerability disclosures, and PoCs focusing on firmware analysis, hardware interfaces, and cryptographic flaws. - BadChemical/IoT-Vulnerability-Research-Public
π¨ CVE-2026-36176
GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface.
π@cveNotify
GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface.
π@cveNotify
GitHub
IoT-Vulnerability-Research-Public/GNCC-GP5-T23/README.md at main Β· BadChemical/IoT-Vulnerability-Research-Public
Independent IoT security research, vulnerability disclosures, and PoCs focusing on firmware analysis, hardware interfaces, and cryptographic flaws. - BadChemical/IoT-Vulnerability-Research-Public