Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18802

18802 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2026-32248 Parse Server: Account takeover via operator injection in authentication data identifier — parse-serverCWE-943 7.4AIHighAI2026-03-12
CVE-2026-32138 NEXULEAN API Key Leak — websiteCWE-284 8.2 High2026-03-12
CVE-2026-32230 Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page — uptime-kumaCWE-862 5.3 Medium2026-03-12
CVE-2026-28254 Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge — Tracer SCCWE-862 7.5AIHighAI2026-03-12
CVE-2026-28253 Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge — Tracer SCCWE-789 7.5AIHighAI2026-03-12
CVE-2026-29066 Arbitrary File Read via Disabled Vite Filesystem Restriction in TinaCMS CLI — cliCWE-552 6.2 Medium2026-03-12
CVE-2019-25543 Netartmedia Real Estate Portal 5.0 SQL Injection via index.php — Netartmedia Real Estate PortalCWE-89 8.2 High2026-03-12
CVE-2019-25542 Netartmedia Real Estate Portal 5.0 SQL Injection via index.php — Netartmedia Real Estate PortalCWE-89 8.2 High2026-03-12
CVE-2019-25541 Netartmedia PHP Mall 4.1 Multiple SQL Injection — Netartmedia PHP MallCWE-89 8.2 High2026-03-12
CVE-2019-25540 Netartmedia PHP Mall 4.1 Multiple SQL Injection — Netartmedia PHP MallCWE-89 8.2 High2026-03-12
CVE-2019-25539 202CMS v10 beta SQL Injection via register.php — 202CMSCWE-89 8.2 High2026-03-12
CVE-2019-25538 202CMS v10 beta SQL Injection via log_user Parameter — 202CMSCWE-89 8.2 High2026-03-12
CVE-2019-25537 Netartmedia Event Portal 2.0 SQL Injection via loginaction.php — Netartmedia Event PortalCWE-89 8.2 High2026-03-12
CVE-2019-25536 Netartmedia PHP Real Estate Agency 4.0 SQL Injection via features parameter — Netartmedia PHP Real Estate AgencyCWE-89 8.2 High2026-03-12
CVE-2019-25535 Netartmedia PHP Dating Site SQL Injection via loginaction.php — Netartmedia Php Dating SiteCWE-89 8.2 High2026-03-12
CVE-2019-25534 Netartmedia PHP Car Dealer SQL Injection via features parameter — Netartmedia PHP Car DealerCWE-89 8.2 High2026-03-12
CVE-2019-25533 Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php — Netartmedia PHP Business DirectoryCWE-89 8.2 High2026-03-12
CVE-2019-25532 Netartmedia Jobs Portal 6.1 SQL Injection via loginaction.php — Netartmedia Jobs PortalCWE-89 8.2 High2026-03-12
CVE-2019-25531 Netartmedia Deals Portal Lastest SQL Injection via loginaction.php — Netartmedia Deals PortalCWE-89 8.2 High2026-03-12
CVE-2019-25530 uHotelBooking System Lastest SQL Injection via system_page Parameter — uHotelBooking SystemCWE-89 8.2 High2026-03-12
CVE-2019-25528 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search — Inout EasyRooms Ultimate EditionCWE-89 8.2 High2026-03-12
CVE-2019-25527 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via searchdetailed — Inout EasyRooms Ultimate EditionCWE-89 8.2 High2026-03-12
CVE-2019-25526 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search — Inout EasyRooms Ultimate EditionCWE-89 8.2 High2026-03-12
CVE-2019-25525 Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search — Inout EasyRooms Ultimate EditionCWE-89 8.2 High2026-03-12
CVE-2019-25524 XooGallery Lastest Latest SQL Injection via results.php — XooGalleryCWE-89 8.2 High2026-03-12
CVE-2019-25523 XooGallery Lastest Latest SQL Injection via cat.php — XooGalleryCWE-89 8.2 High2026-03-12
CVE-2019-25522 XooGallery Lastest Latest Multiple SQL Injections via photo.php — XooGalleryCWE-89 8.2 High2026-03-12
CVE-2019-25521 XooGallery Lastest Latest SQL Injection via gal.php gal_id — XooGalleryCWE-89 8.2 High2026-03-12
CVE-2019-25520 Jettweb PHP Hazir Haber Sitesi Scripti V1 Authentication Bypass — Hazir Haber Sitesi ScriptiCWE-89 8.2 High2026-03-12
CVE-2019-25518 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php — Hazir Haber Sitesi ScriptiCWE-89 8.2 High2026-03-12

Vulnerabilities classified as access:pre-auth represent 18802 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.