快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 358219
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-28560 |
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injectio
|
MEDIUM | 5.5 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-28559 |
wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated use
|
MEDIUM | 5.3 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-28558 |
wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated s
|
MEDIUM | 6.4 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-28557 |
wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated user
|
MEDIUM | 6.5 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-28556 |
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscri
|
MEDIUM | 5.4 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-28555 |
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscri
|
MEDIUM | 4.3 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-28554 |
wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscri
|
MEDIUM | 4.3 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-3010 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab
|
UNKNOWN | N/A | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-2844 |
Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configurat
|
UNKNOWN | N/A | 2026-02-28 |
未知
|
NVD | |
| CVE-2025-13673 |
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injec
|
HIGH | 7.5 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-2471 |
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to
|
HIGH | 7.5 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-1542 |
The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could a
|
MEDIUM | 6.5 | 2026-02-28 |
未知
|
NVD | |
| CVE-2026-2647 |
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
UNKNOWN | N/A | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28517 |
openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in r
|
UNKNOWN | N/A | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28516 |
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::U
|
UNKNOWN | N/A | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28515 |
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in i
|
UNKNOWN | N/A | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28426 |
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 an
|
HIGH | 8.7 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28425 |
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 an
|
HIGH | 8.0 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28424 |
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 an
|
MEDIUM | 6.5 | 2026-02-27 |
未知
|
NVD | |
| CVE-2026-28423 |
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 an
|
MEDIUM | 6.8 | 2026-02-27 |
未知
|
NVD |