Search

Search Results (366296 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-50944 2 Aerocms Project, Megatkc 2 Aerocms, Aero Cms 2026-07-15 8.8 High
Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=add_post parameter, and the uploaded files are executed by the server.
CVE-2022-50943 1 Moodle 1 Moodle 2026-07-15 6.1 Medium
Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users' browsers and steal session cookies.
CVE-2021-47979 3 Miniorange, Wordpress, Wpbackitup 3 Backup And Restore, Wordpress, Backup And Restore Wordpress 2026-07-15 8.8 High
WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted file_name and folder_name parameters to delete arbitrary files from the WordPress installation directory.
CVE-2021-47950 2 Ampps, Simplephpscripts 2 Advanced Guestbook, Guestbook Script 2026-07-15 6.4 Medium
Advanced Guestbook 2.4.4 contains a persistent cross-site scripting vulnerability in the smilies administration interface that allows authenticated attackers to inject malicious scripts by manipulating the s_emotion parameter. Attackers can submit POST requests to admin.php with JavaScript code in the s_emotion field, which executes when administrators view the smilies tab.
CVE-2021-47941 2 Modalsurvey, Wordpress 3 Survey & Poll, Wordpress Survey And Poll, Wordpress 2026-07-15 8.2 High
WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap cookie parameter. Attackers can craft SQL payloads in the cookie to extract sensitive database information including usernames, passwords, and other confidential data from the WordPress database.
CVE-2021-47932 2 Thecartpress, Wordpress 2 Thecartpress, Wordpress 2026-07-15 9.8 Critical
WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler. Attackers can send POST requests to the tcp_register_and_login_ajax action with tcp_role set to administrator to gain full administrative access without authentication.
CVE-2021-47925 2 Cmdbuild, Tecnoteca 2 Cmdbuild, Cmdbuild 2026-07-15 6.4 Medium
CMDBuild 3.3.2 contains multiple stored cross-site scripting vulnerabilities that allow authenticated attackers to inject arbitrary web script or HTML via crafted input in card creation and file upload endpoints. Attackers can inject XSS payloads through Employee card parameters or SVG file attachments in the classes endpoint, which execute when other users view the affected records or preview attachments.
CVE-2021-47903 2 Litespeed Technologies, Litespeedtech 2 Litespeed Web Server, Litespeed Web Server 2026-07-15 8.8 High
LiteSpeed Web Server Enterprise 5.4.11 contains an authenticated command injection vulnerability in the external app configuration interface. Authenticated administrators can inject shell commands through the 'Command' parameter in the server configuration, allowing remote code execution via path traversal and bash command injection.
CVE-2021-47889 2 Cd-messenger Project, Softros Systems 2 Cd-messenger, Lan Messenger 2026-07-15 7.8 High
Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\' to inject malicious executables and escalate privileges.
CVE-2021-47815 2 Nsasoft, Nsauditor 2 Nsauditor, Nsauditor 2026-07-15 7.5 High
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.
CVE-2021-47778 2 Get-simple, Netexplorer 2 Getsimplecms, My Smtp Contact 2026-07-15 7.2 High
GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server.
CVE-2021-47736 1 Cmsimple-xh 1 Cmsimple Xh 2026-07-15 7.2 High
CMSimple_XH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitrary command execution on the server.
CVE-2021-47708 2 Bosch, Commax 2 Smart Home, Smart Home System 2026-07-15 N/A
COMMAX Smart Home System CDP-1020n contains an SQL injection vulnerability that allows attackers to bypass authentication by injecting arbitrary SQL code through the 'id' parameter in 'loginstart.asp'. Attackers can exploit this by sending a POST request with malicious 'id' values to manipulate database queries and gain unauthorized access.
CVE-2021-4474 3 Ruckus, Ruckussecurity, Ruckuswireless 9 Ruckus Unleashed, Smartzone 100-d (sz100-d) (eol), Smartzone 100 (sz-100) (eol) and 6 more 2026-07-15 4.9 Medium
Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive information including configuration files, credentials, and system data stored on the device.
CVE-2020-37255 2 Wordpress, Wptimecapsule 2 Wordpress, Wp Time Capsule 2026-07-15 7.5 High
WordPress Time Capsule Plugin 1.21.16 contains an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by sending a crafted POST request with the IWP_JSON_PREFIX header. Attackers can exploit this flaw to obtain valid administrator session cookies and access the WordPress dashboard without providing credentials.
CVE-2020-37254 1 Wondershare 1 Pdfelement 2026-07-15 7.8 High
Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart or system reboot.
CVE-2020-37236 1 Netartmedia 1 News Lister 2026-07-15 6.4 Medium
NewsLister contains an authenticated persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the title parameter in the news addition interface. Attackers can inject JavaScript payloads via the title field in the admin panel that execute when news items are viewed by other users.
CVE-2020-37226 1 Joomsky 2 J2 Jobs, Js Jobs 2026-07-15 7.1 High
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information using automated tools.
CVE-2020-37224 1 Joomsky 2 J2 Jobs, Js Jobs 2026-07-15 7.1 High
Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract sensitive database information.
CVE-2020-37216 1 Belden 1 Hirschmann Hios 2026-07-15 7.5 High
Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a length value larger than the actual packet size to render the device inoperable.