| CVE-2026-2097 | 8.8 | Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell ba | | 2026-02-10 |
| CVE-2026-2096 | 9.8 | Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete data | | 2026-02-10 |
| CVE-2026-2095 | 9.8 | Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functional | | 2026-02-10 |
| CVE-2026-2094 | 8.8 | Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, mo | | 2026-02-10 |
| CVE-2026-2093 | 7.5 | Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read d | | 2026-02-10 |
| CVE-2026-2260 | 7.2 | A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argum | | 2026-02-10 |
| CVE-2026-24322 | 7.7 | SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowi | | 2026-02-10 |
| CVE-2026-23689 | 7.7 | Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network acce | | 2026-02-10 |
| CVE-2026-23687 | 8.8 | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and s | | 2026-02-10 |
| CVE-2026-0509 | 9.6 | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls witho | | 2026-02-10 |
| CVE-2026-0508 | 7.3 | The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert malicious URL within the applic | | 2026-02-10 |
| CVE-2026-0490 | 7.5 | SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authent | | 2026-02-10 |
| CVE-2026-0488 | 9.9 | An authenticated attacker in SAP CRM and SAP S/4HANA (Scripting Editor) could exploit a flaw in a generic function module call and execute unauthorize | | 2026-02-10 |
| CVE-2026-0485 | 7.5 | SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server ( | | 2026-02-10 |
| CVE-2026-0845 | 7.2 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized mo | | 2026-02-10 |
| CVE-2025-10465 | 8.8 | Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a | | 2026-02-09 |
| CVE-2025-6830 | 9.8 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda Türkiye Information Technology Inc. Xpoda | | 2026-02-09 |
| CVE-2025-10463 | 7.3 | Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse.This issue | | 2026-02-09 |
| CVE-2026-2225 | 7.3 | A flaw has been found in itsourcecode News Portal Project 1.0. This vulnerability affects unknown code of the file /admin/index.php of the component A | | 2026-02-09 |
| CVE-2025-7799 | 8.6 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zirve Information Technologies Inc. E-Tax | | 2026-02-09 |
| CVE-2026-2236 | 7.5 | C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read data | | 2026-02-09 |
| CVE-2026-2234 | 9.1 | C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail c | | 2026-02-09 |
| CVE-2026-2223 | 7.3 | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the fi | | 2026-02-09 |
| CVE-2026-22906 | 9.8 | User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can dec | | 2026-02-09 |
| CVE-2026-22905 | 7.5 | An unauthenticated remote attacker can bypass authentication by exploiting insufficient URI validation and using path traversal sequences (e.g., /js/. | | 2026-02-09 |
| CVE-2026-22904 | 9.8 | Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie va | | 2026-02-09 |
| CVE-2026-22903 | 9.8 | An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflo | | 2026-02-09 |
| CVE-2026-2221 | 7.3 | A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the c | | 2026-02-09 |
| CVE-2026-2220 | 7.3 | A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessm | | 2026-02-09 |
| CVE-2026-0870 | 7.8 | MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with im | | 2026-02-09 |
| CVE-2026-2217 | 7.3 | A vulnerability was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manage_user.php. | | 2026-02-09 |
| CVE-2026-2212 | 7.3 | A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Adminis | | 2026-02-09 |
| CVE-2026-2211 | 7.3 | A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCateg | | 2026-02-09 |
| CVE-2026-2210 | 7.2 | A vulnerability has been found in D-Link DIR-823X 250416. This affects the function sub_4211C8 of the file /goform/set_filtering. Such manipulation le | | 2026-02-09 |
| CVE-2026-2203 | 8.8 | A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set o | | 2026-02-09 |
| CVE-2026-2202 | 8.8 | A vulnerability was detected in Tenda AC8 16.03.33.05. Affected is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet of the componen | | 2026-02-09 |
| CVE-2026-2199 | 7.3 | A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/sys | | 2026-02-09 |
| CVE-2026-2198 | 7.3 | A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/adm | | 2026-02-09 |
| CVE-2026-2197 | 7.3 | A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessme | | 2026-02-09 |
| CVE-2026-2196 | 7.3 | A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/as | | 2026-02-09 |
| CVE-2026-2195 | 7.3 | A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/ | | 2026-02-09 |
| CVE-2026-2192 | 7.2 | A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such man | | 2026-02-08 |
| CVE-2026-2191 | 7.2 | A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument secu | | 2026-02-08 |
| CVE-2026-2190 | 7.3 | A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controll | | 2026-02-08 |
| CVE-2026-2189 | 7.3 | A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. | | 2026-02-08 |
| CVE-2026-2188 | 7.2 | A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Execu | | 2026-02-08 |
| CVE-2026-2187 | 8.8 | A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performin | | 2026-02-08 |
| CVE-2026-2186 | 8.8 | A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation | | 2026-02-08 |
| CVE-2026-2185 | 8.8 | A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC | | 2026-02-08 |
| CVE-2026-2184 | 7.3 | A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affe | | 2026-02-08 |
| CVE-2026-2182 | 7.2 | A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a | | 2026-02-08 |
| CVE-2026-2181 | 8.8 | A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSched | | 2026-02-08 |
| CVE-2026-2180 | 8.8 | A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation | | 2026-02-08 |
| CVE-2026-2177 | 7.3 | A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The | | 2026-02-08 |
| CVE-2026-2175 | 7.2 | A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420618 of the file /goform/set_upnp. This manipu | | 2026-02-08 |
| CVE-2026-2174 | 7.3 | A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The m | | 2026-02-08 |
| CVE-2026-2173 | 7.3 | A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login. | | 2026-02-08 |
| CVE-2026-2172 | 7.3 | A vulnerability was determined in code-projects Online Application System for Admission 1.0. Affected by this vulnerability is an unknown functionalit | | 2026-02-08 |
| CVE-2026-2171 | 7.3 | A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the compo | | 2026-02-08 |
| CVE-2026-2166 | 7.3 | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login | | 2026-02-08 |
| CVE-2026-2165 | 7.3 | A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.ph | | 2026-02-08 |
| CVE-2026-2164 | 7.3 | A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/pro | | 2026-02-08 |
| CVE-2026-2161 | 7.3 | A vulnerability was found in itsourcecode Directory Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/for | | 2026-02-08 |
| CVE-2026-2158 | 7.3 | A vulnerability was detected in code-projects Student Web Portal 1.0. This impacts an unknown function of the file /check_user.php. Performing a manip | | 2026-02-08 |
| CVE-2026-2157 | 7.2 | A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub_4175CC of the file /goform/set_static_route_table. | | 2026-02-08 |
| CVE-2026-2155 | 7.2 | A security flaw has been discovered in D-Link DIR-823X 250416. The affected element is the function sub_4208A0 of the file /goform/set_dmz of the comp | | 2026-02-08 |
| CVE-2026-2152 | 7.2 | A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file adv_routing.php of the component Web Configurati | | 2026-02-08 |
| CVE-2026-2151 | 7.2 | A vulnerability has been found in D-Link DIR-615 4.10. This affects an unknown part of the file adv_firewall.php of the component DMZ Host Feature. Su | | 2026-02-08 |
| CVE-2026-2143 | 7.2 | A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/set_ddns of the c | | 2026-02-08 |
| CVE-2026-2142 | 7.2 | A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub_420688 of the file /goform/set_qos. Executing a | | 2026-02-08 |
| CVE-2026-2140 | 8.8 | A vulnerability was identified in Tenda TX9 up to 22.03.02.10_multi. Affected by this issue is the function sub_4223E0 of the file /goform/setMacFilte | | 2026-02-08 |
| CVE-2026-2139 | 8.8 | A vulnerability was determined in Tenda TX9 up to 22.03.02.10_multi. Affected by this vulnerability is the function sub_432580 of the file /goform/fas | | 2026-02-08 |
| CVE-2026-2138 | 8.8 | A vulnerability was found in Tenda TX9 up to 22.03.02.10_multi. Affected is the function sub_42D03C of the file /goform/SetStaticRouteCfg. The manipul | | 2026-02-08 |
| CVE-2026-2137 | 8.8 | A vulnerability has been found in Tenda TX3 up to 16.03.13.11_multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulati | | 2026-02-08 |
| CVE-2026-2136 | 7.3 | A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a man | | 2026-02-08 |
| CVE-2026-2133 | 7.3 | A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCateg | | 2026-02-08 |
| CVE-2026-2132 | 7.3 | A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/ | | 2026-02-08 |
| CVE-2026-2129 | 7.2 | A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/set_ac_status. Performin | | 2026-02-08 |
| CVE-2025-15100 | 8.8 | The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the p | | 2026-02-08 |
| CVE-2025-15027 | 9.8 | The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the p | | 2026-02-08 |
| CVE-2026-2120 | 7.2 | A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/set_server_settings of the component Co | | 2026-02-08 |
| CVE-2026-2118 | 7.2 | A vulnerability was determined in UTT HiPER 810 1.7.4-141218. The impacted element is the function sub_4407D4 of the file /goform/formReleaseConnect o | | 2026-02-08 |
| CVE-2026-2117 | 7.3 | A vulnerability was found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/edit_activity. | | 2026-02-08 |
| CVE-2026-2116 | 7.3 | A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/edit_expenses.php. Su | | 2026-02-08 |
| CVE-2026-2115 | 7.3 | A flaw has been found in itsourcecode Society Management System 1.0. This issue affects some unknown processing of the file /admin/delete_expenses.php | | 2026-02-07 |
| CVE-2026-2114 | 7.3 | A vulnerability was detected in itsourcecode Society Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_admin.php. | | 2026-02-07 |
| CVE-2026-2113 | 7.3 | A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webu | | 2026-02-07 |
| CVE-2026-2090 | 7.3 | A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message | | 2026-02-07 |
| CVE-2026-2089 | 7.3 | A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/control | | 2026-02-07 |
| CVE-2026-2088 | 7.3 | A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointmen | | 2026-02-07 |
| CVE-2026-2087 | 7.3 | A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login. | | 2026-02-07 |
| CVE-2026-2086 | 8.8 | A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireW | | 2026-02-07 |
| CVE-2026-2085 | 7.2 | A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub_419F20 of the file /boafrm/formUSSDSetup of the com | | 2026-02-07 |
| CVE-2026-2084 | 7.2 | A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/set_language. Executing a manipulation | | 2026-02-07 |
| CVE-2026-2083 | 7.3 | A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /delete_post.php. Perfor | | 2026-02-07 |
| CVE-2026-2080 | 7.2 | A vulnerability has been found in UTT HiPER 810 1.7.4-141218. This issue affects the function setSysAdm of the file /goform/formUser. The manipulation | | 2026-02-07 |
| CVE-2026-2073 | 7.3 | A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Ex | | 2026-02-07 |
| CVE-2026-2071 | 8.8 | A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing | | 2026-02-07 |
| CVE-2020-37163 | 8.2 | QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the '_located' parameter in | | 2026-02-07 |
| CVE-2020-37162 | 9.8 | Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability in the registration key input that allows attackers to execute arbitrary code b | | 2026-02-07 |