CVE Security

medium 4.6

27/05/2026

Vulnérabilité medium détectée - CVE-2026-35010

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_JF.php that allows authenticated attackers to injec...

Applications Web

CVE-2026-35010

Lire l'article

medium 4.6

27/05/2026

Vulnérabilité medium détectée - CVE-2026-35011

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in opena.php that allows authenticated attackers to inject arb...

Applications Web

CVE-2026-35011

Lire l'article

medium 6.1

27/05/2026

Vulnérabilité medium détectée - CVE-2026-30691

Cross-Site Scripting (XSS) vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .t...

Applications Web

CVE-2026-30691

Lire l'article

high 8.8

27/05/2026

Vulnérabilité high détectée - CVE-2026-44925

Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active ses...

Applications Web

CVE-2026-44925

Lire l'article

high 7.2

27/05/2026

Vulnérabilité high détectée - CVE-2026-7613

The Cost of Goods by PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csvdata[0][cost_of_goods_value]' paramet...

Android Web

CVE-2026-7613

Lire l'article

medium 6.5

27/05/2026

Vulnérabilité medium détectée - CVE-2026-44923

SQL injection in InfoScale VIOM before v9.1.3 allows remote attackers to escalate privileges.

Web

CVE-2026-44923

Lire l'article

medium 5.4

27/05/2026

Vulnérabilité medium détectée - CVE-2026-44924

InfoScale VIOM 9.1.3 allows XSS.

Web

CVE-2026-44924

Lire l'article

high 7.6

27/05/2026

Vulnérabilité high détectée - CVE-2026-5783

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trad...

Web

CVE-2026-5783

Lire l'article

high 8.8

27/05/2026

Vulnérabilité high détectée - CVE-2026-24425

Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with tem...

Web

CVE-2026-24425

Lire l'article

high 7.6

27/05/2026

Vulnérabilité high détectée - CVE-2026-42383

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Bli...

Web

CVE-2026-42383

Lire l'article

medium 6.5

27/05/2026

Vulnérabilité medium détectée - CVE-2026-24573

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Stored XSS. This is...

Web

CVE-2026-24573

Lire l'article

high 8

27/05/2026

Vulnérabilité high détectée - CVE-2025-11954

Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery. This iss...

Web

CVE-2025-11954

Lire l'article