5.3
CVE-2026-0597 - Campcodes Supplier Management System edit_profile.php sql injection
A flaw has been found in Campcodes Supplier Management System 1.0. Affected by this issue is some unknown functionality of the file /retailer/edit_profile.php. This manipulation of the argument txtRetailerAddress causes sql injection. Remote exploitation of the attack is possible. The exploit has bβ¦
9.8
CVE-2025-15026 - Unauthenticated configuration import allows administrative account creation using AWIE component
Missing Authentication for Critical Function vulnerability in Centreon Infra Monitoring centreon-awie (Awie import module) allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04.0 beβ¦
0.0
CVE-2026-21745 -
Not used
0.0
CVE-2026-21750 -
Not used
0.0
CVE-2026-21747 -
Not used
0.0
CVE-2026-21748 -
Not used
0.0
CVE-2026-21749 -
Not used
0.0
CVE-2026-21746 -
Not used
0.0
CVE-2026-21744 -
Not used
6.8
CVE-2025-12511 - A user with elevated privileges can inject XSS in the DSM Administrationβs Extensions configuratioβ¦
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (DSM extenstio configuration modules) allows Stored XSS to user with elevated privileges. This issue affects Infra Monitoring: from 25.10.0 before 25.10.1, from β¦