CVE Vulnerabilities - 20 February 2026

Fiverr Clone Script 1.2.2 is not secure, allowing unauthorized access to its database. This means an attacker could potentially steal sensitive information or alter the database. Update to a secure ve...

An attacker can intercept and manipulate password reset links sent to users, potentially allowing them to access the account. This is due to the application's use of the HTTP Host header to generate U...

A security risk exists in versions of Nika up to 1.2.14. Attackers can exploit this by tricking Nika into loading malicious files from the local system, potentially leading to unauthorized actions. Up...

A security issue in Nagios Host's configuration wizard allows attackers who are already authenticated to execute malicious code on the server. This could lead to unauthorized access, data theft, or ot...

Some Nagios Host installations allow hackers to run their own code on your servers if they have an account. This is bad news because it means your server's security could be compromised. To fix this, ...

A security issue exists in Nagios Host that could allow attackers with a login to execute code on your system. To stay secure, update Nagios Host to the latest version as soon as possible.

If an attacker has access to your GFI Archiver system, they can potentially execute their own code, which could lead to unauthorized changes or data theft. This is a serious issue that requires immedi...

A vulnerability in GFI Archiver allows attackers to execute malicious code on affected systems, even if they're already authenticated. This is a serious issue because it could allow an attacker to gai...

A security issue in phpMoAdmin allows attackers to trick authenticated users into making changes to databases and collections without permission. This can lead to data loss or unauthorized access. To ...

Authenticated users can upload and run PHP files through the file manager in Chamilo Learning Management System. This means attackers can potentially take control of the system and access sensitive da...

The Port Forwarding Configuration Endpoint in D-Link DWR-M960 has a security flaw that could allow hackers to access your router's settings if you visit a malicious website. This is a serious issue be...

A flaw in the D-Link DWR-M960's configuration settings can be exploited remotely, allowing attackers to potentially take control of the device. This can happen when the device incorrectly handles user...

The openITCOCKPIT monitoring tool has a security weakness that could allow an attacker to run malicious code on your server. This weakness is present in older versions of the Community Edition. To pro...

A security flaw in the D-Link DWR-M960's DDNS Settings Handler can allow an attacker to execute unauthorized code on the device, potentially allowing them to take control of the device. This can happe...

A vulnerability in the D-Link DWR-M960 router's NTP configuration feature allows an attacker to potentially execute malicious code remotely. This could happen if the attacker can trick the router into...

A flaw in the D-Link DWR-M960's log configuration system can be exploited by an attacker to inject malicious code. This could allow an attacker to take control of the device. We recommend that users u...

OpenSourcePOS, a point of sale software, contains a security flaw that allows an attacker to read sensitive files on the server. This could lead to further exploitation, potentially allowing an attack...

An attacker can inject malicious code into Applay - Shortcodes, which is a plugin used in the Applay platform. This could allow an attacker to take control of the system or steal sensitive information...

An attacker can inject malicious data into WooCommerce category banners, potentially causing untrusted data to be executed. This issue affects WooCommerce Category Banner Management, which is used to ...

An issue in WP Life Slider Image Slider can allow an attacker to inject malicious code into your website. This could lead to unauthorized access or other security problems if you're using a vulnerable...

WP Life Image Gallery has a security issue that allows attackers to inject malicious code. This could lead to unauthorized actions on your website. We recommend updating to the latest version (version...

An attacker can inject malicious code into Booking and Rental Manager, potentially stealing sensitive data or taking control of the system. This issue affects all versions of the plugin up to 2.5.9. T...

The PeakShops plugin for WordPress may allow an attacker to execute malicious code by manipulating how data is processed. This affects all versions up to 1.5.9. To protect your site, update to a fixed...

A security flaw in the Kleor Contact Manager software allows an attacker to inject malicious code, potentially leading to unauthorized actions or data breaches. This issue affects versions 9.1.1 and e...

A security flaw in ModelTheme Addons for WPBakery and Elementor can allow an attacker to manipulate the way the software works. This affects users of the ModelTheme Addons for WPBakery and Elementor, ...