快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 360895
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-2363 |
The WP-Members Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'order_
|
MEDIUM | 6.5 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-28770 |
Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in Internatio
|
HIGH | 8.8 | 2026-03-04 |
datacast sfx2100_firmware
|
NVD | |
| CVE-2026-28769 |
A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Da
|
MEDIUM | 6.5 | 2026-03-04 |
datacast sfx2100_firmware
|
NVD | |
| CVE-2026-2025 |
The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API end
|
HIGH | 7.5 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-3242 |
In Concrete CMS below version 9.4.8, a rogue administrator can add stored XSS via the Switch Languag
|
MEDIUM | 4.8 | 2026-03-04 |
concretecms concrete_cms
|
NVD | |
| CVE-2026-3241 |
In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in the
|
MEDIUM | 4.8 | 2026-03-04 |
concretecms concrete_cms
|
NVD | |
| CVE-2026-3240 |
In Concrete CMS below version 9.4.8, a user with permission to edit a page with element Legacy form
|
MEDIUM | 4.8 | 2026-03-04 |
concretecms concrete_cms
|
NVD | |
| CVE-2026-2994 |
Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam All
|
MEDIUM | 6.8 | 2026-03-04 |
concretecms concrete_cms
|
NVD | |
| CVE-2026-3452 |
Concrete CMS below version 9.4.8 is vulnerable to Remote Code Execution by stored PHP object injecti
|
HIGH | 7.2 | 2026-03-04 |
concretecms concrete_cms
|
NVD | |
| CVE-2026-3244 |
In Concrete CMS below version 9.4.8, A stored cross-site scripting (XSS) vulnerability exists in the
|
MEDIUM | 4.8 | 2026-03-04 |
concretecms concrete_cms
|
NVD | |
| CVE-2026-2292 |
The Morkva UA Shipping plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin s
|
MEDIUM | 4.4 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-2289 |
The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings
|
MEDIUM | 4.4 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-1980 |
The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing aut
|
MEDIUM | 5.3 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-1945 |
The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpb_user_nam
|
HIGH | 7.2 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-1651 |
The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the
|
MEDIUM | 6.5 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-1273 |
The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vu
|
HIGH | 7.2 | 2026-03-04 |
未知
|
NVD | |
| CVE-2026-3266 |
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerabilit
|
CRITICAL | 9.8 | 2026-03-03 |
opentext filr
|
NVD | |
| CVE-2026-3076 |
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2363. Reason: T
|
UNKNOWN | N/A | 2026-03-03 |
未知
|
NVD | |
| CVE-2026-28289 |
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vu
|
CRITICAL | 10.0 | 2026-03-03 |
freescout freescout
|
NVD | |
| CVE-2026-27981 |
HomeBox is a home inventory and organization system. Prior to 0.24.0, the authentication rate limite
|
HIGH | 7.4 | 2026-03-03 |
sysadminsmedia homebox
|
NVD |