| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Deserialization of Untrusted Data vulnerability in Webextends Telecash Ricaricaweb telecash-ricaricaweb allows Object Injection.This issue affects Telecash Ricaricaweb: from n/a through <= 2.2. |
| Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 ip-loc8 allows Object Injection.This issue affects IP Loc8: from n/a through <= 1.1. |
| Deserialization of Untrusted Data vulnerability in GMRobbins Disc Golf Manager disc-golf-manager allows Object Injection.This issue affects Disc Golf Manager: from n/a through <= 1.0.0. |
| Deserialization of Untrusted Data vulnerability in eyecix JobSearch wp-jobsearch allows Object Injection.This issue affects JobSearch: from n/a through <= 2.5.9. |
| Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through < 6.5.0.1. |
| Deserialization of Untrusted Data vulnerability in Crew HRM Crew HRM hr-management.This issue affects Crew HRM: from n/a through <= 1.1.1. |
| Insertion of Sensitive Information into Log File vulnerability in ThemeSphere SmartMag smartmag-responsive-retina-wordpress-magazine.This issue affects SmartMag: from n/a through < 10.1.0. |
| Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login woo-social-login.This issue affects WooCommerce Social Login: from n/a through <= 2.6.3. |
| Deserialization of Untrusted Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.2. |
| Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.4.2. |
| Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.1.1. |
| Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.17. |
| pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMIN_ONLY_OPTIONS set to block non-admin users from modifying security-critical config options. The storage_folder option is not in this set and passes the existing path restriction because the Flask session directory is outside both PKGDIR and userdir. A user with SETTINGS and ADD permissions can redirect downloads to the Flask filesystem session store, plant a malicious pickle payload as a predictable session file, and trigger arbitrary code execution when any HTTP request arrives with the corresponding session cookie. This vulnerability is fixed with commit c4cf995a2803bdbe388addfc2b0f323277efc0e1. |
| Deserialization of Untrusted Data vulnerability in VictorThemes Seil seil allows Object Injection.This issue affects Seil: from n/a through <= 1.7.1. |
| Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipity_setCookie() function in include/functions_config.inc.php uses $_SERVER['HTTP_HOST'] without validation as the domain parameter of setcookie(). An attacker who can influence the Host header at login time, such as via MITM, reverse proxy misconfiguration, or load balancer manipulation, can force authentication cookies including session tokens and auto-login tokens to be scoped to an attacker-controlled domain. This enables session fixation, token leakage to attacker-controlled infrastructure, and privilege escalation if an admin logs in under a poisoned Host header. This issue has been fixed in version 2.6.0. |
| firehol in firehol 1.256 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/.firehol-tmp-#####-*-* and (2) /tmp/firehol.conf temporary files. NOTE: the vendor disputes this vulnerability, stating that an attack "would require an attacker to create 1073741824*PID-RANGE symlinks. |
| bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts. |
| The finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to read arbitrary files via a link corresponding to a (1) .plan or (2) .project file. |
| The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances. |
| Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) Core and (2) print modules. |
