Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18823

18823 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2018-25210 WebOfisi E-Ticaret 4.0 SQL Injection via urun Parameter — Ticaret V4CWE-79 8.2 High2026-03-26
CVE-2018-25209 OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter — OpenBiz Cubi LiteCWE-89 8.2 High2026-03-26
CVE-2018-25208 qdPM 9.1 SQL Injection via filter_by Parameters — qdPMCWE-89 8.2 High2026-03-26
CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter — ASP.NET jVideo KitCWE-89 8.2 High2026-03-26
CVE-2018-25204 Library CMS 1.0 SQL Injection via admin login — Library CMSCWE-89 8.2 High2026-03-26
CVE-2018-25203 Online Store System CMS 1.0 SQL Injection via clientaccess — Online Store System CMSCWE-89 8.2 High2026-03-26
CVE-2018-25195 Wecodex Hotel CMS 1.0 SQL Injection via Admin Login — Wecodex Hotel CMSCWE-89 8.2 High2026-03-26
CVE-2018-25185 Wecodex Restaurant CMS 1.0 SQL Injection via Login — Wecodex Restaurant CMSCWE-89 8.2 High2026-03-26
CVE-2018-25183 Shipping System CMS 1.0 SQL Injection via admin login — Shipping System CMSCWE-89 8.2 High2026-03-26
CVE-2026-4652 Remote denial of service via null pointer dereference — FreeBSDCWE-476 7.5 -2026-03-26
CVE-2026-1890 LeadConnector < 3.0.22 - Unauthenticated Rest Call — LeadConnector 7.5 -2026-03-26
CVE-2025-15488 Responsive Plus < 3.4.3 - Unauthenticated Arbitrary Shortcode Execution — Responsive Plus 9.8 -2026-03-26
CVE-2026-4329 Blackhole for Bad Bots <= 3.8 - Unauthenticated Stored Cross-Site Scripting via User-Agent HTTP Header — Blackhole for Bad BotsCWE-79 7.2 High2026-03-26
CVE-2026-4281 FormLift for Infusionsoft Web Forms <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow — FormLift for Infusionsoft Web FormsCWE-862 5.3 Medium2026-03-26
CVE-2026-1986 FloristPress for Woo <= 7.8.2 - Reflected Cross-Site Scripting via 'noresults' Parameter — FloristPress for Woo – Customize your eCommerce store for your FloristCWE-79 6.1 Medium2026-03-26
CVE-2026-30976 Sonarr Path Traversal vulnerability — SonarrCWE-22 8.6 High2026-03-25
CVE-2026-29785 NATS Server panic via malicious compression on leafnode port — nats-serverCWE-476 7.5 High2026-03-25
CVE-2026-1724 Missing Authentication for Critical Function in GitLab — GitLabCWE-306 6.8 Medium2026-03-25
CVE-2026-2745 Authentication Bypass Using an Alternate Path or Channel in GitLab — GitLabCWE-288 6.8 Medium2026-03-25
CVE-2026-3857 Cross-Site Request Forgery (CSRF) in GitLab — GitLabCWE-352 8.1 High2026-03-25
CVE-2026-3988 Inefficient Algorithmic Complexity in GitLab — GitLabCWE-407 7.5 High2026-03-25
CVE-2026-20719 DoS via URL Previews Rendering Malicious SVGs — MattermostCWE-754 4.3 Medium2026-03-25
CVE-2026-26233 Denial of Service via HTTP/2 single packet attack on login endpoint — MattermostCWE-400 4.3 Medium2026-03-25
CVE-2026-20113 Cisco IOS XE Software 注入漏洞 — Cisco IOS XE SoftwareCWE-93 5.3 Medium2026-03-25
CVE-2026-20115 Cisco IOS XE Software 安全漏洞 — Cisco IOS XE SoftwareCWE-319 6.1 Medium2026-03-25
CVE-2026-20104 Cisco多款产品 安全漏洞 — Cisco IOS XE SoftwareCWE-124 6.1 Medium2026-03-25
CVE-2026-20004 Cisco IOS XE Software 安全漏洞 — Cisco IOS XE SoftwareCWE-771 7.4 High2026-03-25
CVE-2024-58341 OpenCart Core 4.0.2.3 SQL Injection via search Parameter — OpenCart CoreCWE-89 8.2 High2026-03-25
CVE-2026-20012 Cisco多款产品 安全漏洞 — IOSCWE-401 8.6 High2026-03-25
CVE-2026-20086 Cisco IOS XE Wireless Controller software 安全漏洞 — Cisco IOS XE SoftwareCWE-230 8.6 High2026-03-25

Vulnerabilities classified as access:pre-auth represent 18823 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.