CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2017-20250
High

Mac Photo Gallery 3.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the albid parameter. Attackers can send requests to macdownload.php with directory traversal sequences to access sensitive files like wp-load.php outside the intended plugin directory.

CVE-2017-20249
High

Apptha Slider Gallery version 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive database information including user credentials and authentication hashes.

CVE-2017-20248
High

Apptha Slider Gallery version 1.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the imgname parameter. Attackers can send requests to asgallDownload.php with directory traversal sequences ../ to access sensitive files outside the intended directory.

CVE-2017-20247
High

The WordPress Plugin PICA Photo Gallery version 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries via the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract sensitive database information, including user credentials and table contents.

CVE-2017-20246
High

The KittyCatfish 2.2 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to read database contents by exploiting an unescaped GET parameter.

CVE-2017-20245
High

The Wow Viral Signups plugin version 2.1 for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by exploiting the unescaped 'idsignup' POST parameter.

CVE-2017-20244
High

The Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter.

CVE-2017-20243
High

The WordPress Car Park Booking Plugin version 13 October 17 contains a time-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the space_id parameter.

CVE-2016-20065
High

The Product Catalog 8 1.2 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the selectedCategory parameter.

CVE-2016-20063
High

Single Personal Message version 1.0.3 contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries by injecting malicious code through the message parameter. Attackers can access the admin interface and supply crafted SQL statements to extract sensitive database information.

CVE-2016-20062
High

The Simply Poll plugin version 1.4.1 for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the 'pollid' POST parameter. Attackers can send requests to the admin-ajax.php endpoint with the 'spAjaxResults' action and malicious 'pollid' values to execute arbitrary SQL queries and read sensitive data from the WordPress database.

CVE-2026-49742
High

Backend users with file download permissions were able to download files from the fallback storage of the file abstraction layer (FAL) via the Media Module. This issue could expose sensitive files such as log files.

CVE-2026-49741
High

Backend users with write access to the form_definition database table were able to directly create, update, or delete form definition records via DataHandler, bypassing the Form Framework's persistence validation and permission checks. This allowed injecting arbitrary form configurations, re-enabling attack vectors originally addressed in TYPO3-CORE-SA-2018-003.

CVE-2026-47346
High

Backend users with file write permissions were able to upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to escalate privileges by creating administrative backend user accounts.

CVE-2026-47343
High

Non-privileged backend users were able to perform write operations (move, delete, rename) on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0 through 12.4.45, 13.0.0 through 13.4.30, and 14.0.0 through 14.3.2.

CVE-2026-11607
High

Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, leading to the processing of files with incorrect extensions. Maliciously crafted form definition files can be used to execute arbitrary SQL statements.

CVE-2026-46749
High

A vulnerability has been identified in SINEC INS (all versions < V1.0 SP2 Update 6) that uses a password hashing implementation with a static, hardcoded salt shared across all users and installations. The configuration with an insufficient number of iterations may allow an attacker to efficiently recover user passwords.

CVE-2026-46748
High

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6) that allows a local attacker to escalate privileges by bypassing file system permission checks.

CVE-2026-46746
High

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6) that does not properly sanitize user input in the /api/sftp/uploadFiles endpoint. This allows the injection of shell command payloads via crafted directory names.

CVE-2026-41031
High

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials.

PreviousPage 174 of 3362Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS