Authentic 8 has an broken access control that can be leveraged via insecure direct object reference that can lead to PII information disclosure...
ChurchCRM versions 6.5.2 and below suffer from a persistent cross site scripting vulnerability in the person property assignment functionality. Not...
Omega-PSIR suffers from a cross site scripting vulnerability via the lang parameter...
OpenSTAManager versions 2.9.8 and below suffer from a command injection vulnerability via the P7M file processing functionality...
WBCE CMS versions 1.6.4 and below suffer from a remote time-bsed SQL injection vulnerability via the groups parameter...
WBCE CMS versions prior to 1.6.4 suffers from insecure direct object reference and privilege escalation vulnerabilities...
FacturaScripts versions prior to 2025.81 suffer from a remote SQL injection vulnerability in the Autocomplete Actions functionality...
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Stampe module...
OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the search functionality that can lead to a ...
EGroupware versions prior to 23.1.20260113 and greater than or equal to 26.0.20251208 but less than 26.0.20260113 are affected by a remote SQL inje...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
