🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2019-25707 | مرتفع | 7.1 |
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL qu…
|
⚡ Exploit | أبريل 12, 2026 |
| CVE-2018-25257 | مرتفع | 7.1 |
Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate …
|
— | أبريل 12, 2026 |
| CVE-2019-25703 | مرتفع | 7.1 |
ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipul…
|
⚡ Exploit | أبريل 12, 2026 |
| CVE-2019-25699 | مرتفع | 7.1 |
Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authentic…
|
⚡ Exploit | أبريل 12, 2026 |
| CVE-2026-6111 | متوسط | 6.3 |
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of t…
|
— | أبريل 12, 2026 |
| CVE-2026-6117 | متوسط | 6.3 |
A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of …
|
— | أبريل 12, 2026 |
| CVE-2026-6108 | متوسط | 6.3 |
A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps…
|
— | أبريل 12, 2026 |
| CVE-2026-6125 | متوسط | 6.3 |
A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpressio…
|
— | أبريل 12, 2026 |
| CVE-2026-6119 | متوسط | 6.3 |
A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get o…
|
— | أبريل 12, 2026 |
| CVE-2026-6118 | متوسط | 6.3 |
A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file …
|
— | أبريل 12, 2026 |
| CVE-2019-25712 | متوسط | 6.2 |
BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers t…
|
— | أبريل 12, 2026 |
| CVE-2019-25711 | متوسط | 6.2 |
SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the appli…
|
— | أبريل 12, 2026 |
| CVE-2017-20239 | متوسط | 6.1 |
MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by inj…
|
— | أبريل 12, 2026 |
| CVE-2026-5144 | مرتفع | 8.8 |
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including…
|
— | أبريل 11, 2026 |
| CVE-2026-6105 | مرتفع | 7.3 |
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the fi…
|
— | أبريل 11, 2026 |
| CVE-2026-5217 | مرتفع | 7.2 |
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vuln…
|
— | أبريل 11, 2026 |
| CVE-2026-5809 | مرتفع | 7.1 |
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. Th…
|
— | أبريل 11, 2026 |
| CVE-2026-5207 | متوسط | 6.5 |
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and i…
|
— | أبريل 11, 2026 |
| CVE-2026-4895 | متوسط | 6.4 |
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in …
|
— | أبريل 11, 2026 |
| CVE-2026-3498 | متوسط | 6.4 |
The BlockArt Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'clientId' block attribute…
|
— | أبريل 11, 2026 |