CVE Security

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48214

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_nm.php that allows authenticated attackers to inject ar...

Applications Web

CVE-2026-48214

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48215

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in circle.php that allows authenticated attackers to inject ar...

Applications Web

CVE-2026-48215

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48216

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in db_loader.php that allows authenticated attackers to inject...

Applications Web

CVE-2026-48216

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48217

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in delete_module.php that allows authenticated attackers to in...

Applications Web

CVE-2026-48217

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48218

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers...

Applications Web

CVE-2026-48218

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48219

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject ar...

Applications Web

CVE-2026-48219

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48213

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add.php that allows authenticated attackers to inject arbit...

Applications Web

CVE-2026-48213

Lire l'article

critical 9.3

28/05/2026

Vulnérabilité critical détectée - CVE-2026-39531

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind S...

Web

CVE-2026-39531

Lire l'article

critical 9.8

28/05/2026

Vulnérabilité critical détectée - CVE-2026-5118

The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin ac...

Web

CVE-2026-5118

Lire l'article

unknown

28/05/2026

Vulnérabilité unknown détectée - CVE-2026-6841

Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft ...

Applications Web

CVE-2026-6841

Lire l'article

high 8.8

27/05/2026

Vulnérabilité high détectée - CVE-2026-44047

An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to obtain unauthorized...

Web

CVE-2026-44047

Lire l'article

medium 4.9

27/05/2026

Vulnérabilité medium détectée - CVE-2026-4811

The WPB Floating Menu & Categories for WordPress – Sticky Side Menu with Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...

Web

CVE-2026-4811

Lire l'article