0.0
CVE-2026-22632 -
Not used
0.0
CVE-2026-22630 -
Not used
5.1
CVE-2026-0699 - code-projects Intern Membership Management System edit_activity.php sql injection
A vulnerability was found in code-projects Intern Membership Management System 1.0. This impacts an unknown function of the file /intern/admin/edit_activity.php. Performing a manipulation of the argument activity_id results in sql injection. Remote exploitation of the attack is possible. The exploiโฆ
5.1
CVE-2026-0698 - code-projects Intern Membership Management System edit_students.php sql injection
A vulnerability has been found in code-projects Intern Membership Management System 1.0. This affects an unknown function of the file /intern/admin/edit_students.php. Such manipulation of the argument admin_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosโฆ
5.1
CVE-2026-0697 - code-projects Intern Membership Management System edit_admin.php sql injection
A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted element is an unknown function of the file /intern/admin/edit_admin.php. This manipulation of the argument admin_id causes sql injection. The attack may be initiated remotely. The exploit has been publishedโฆ
8.5
CVE-2026-21427 - Insecure DLL Search Path in Pioneer Installers Allows Arbitrary Code Execution
The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer.
9.8
CVE-2019-25296 - WP Cost Estimation <= 9.642 - Missing Authorization to Arbitrary File Upload/Delete
The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary file uploads and deletion due to missing file type validation in the lfb_upload_form and lfb_removeFile AJAX actions in versions up to, and including, 9.642. This makes it possible for unauthenticated attackers to upload arbitraโฆ
4.3
CVE-2025-12640 - Folders โ Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.1.5 -โฆ
The Folders โ Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Replacement in all versions up to, and including, 3.1.5. This is due to missing object-level authorization checks in the handle_folders_filโฆ
6.4
CVE-2025-14275 - Jeg Elementor Kit <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdownโฆ
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.0.1 due to insufficient input sanitization in the countdown widget's redirect functionality. This makes it possible for authenticated attackers, with Contributor-level accโฆ
6.5
CVE-2019-25295 - WP Cost Estimation < 9.660 - Upload Directory Traversal
The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in versions before 9.660 via the uploadFormFiles function. This allows attackers to overwrite any file with a whitelisted type on an affected site.