Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 24810+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 6.4
Tecnoteca CMDBuild 3.3.1 Stored XSS Vulnerability Summary with POC
www.exploit-db.com · 2026-05-10

# CMDBuild 3.3.2 Cross-Site Scripting (XSS) Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: CMDBuild 3.3.2 - 'Multiple' Cross Site Scripting (XSS) * **EDB-ID**: 50257 * **Pub…

Read more
CVSS 8.2
WordPress Survey & Poll Plugin SQL Injection Vulnerability Analysis with POC
www.exploit-db.com · 2026-05-10

# WordPress Plugin Survey & Poll 1.5.7.3 'sss_params' SQL Injection Vulnerability Summary ## Vulnerability Overview - **Vulnerability Type**: SQL Injection - **Vulnerable Component**: WordPress Plugin…

Read more
CVSS 6.4
Advanced Guestbook 2.4.4 Persistent XSS Vulnerability and POC
www.exploit-db.com · 2026-05-10

# Vulnerability Summary ## Overview - **Vulnerability Name**: Advanced Guestbook 2.4.4 - Persistent Cross-Site Scripting (XSS) in 'Smilies' - **EDB-ID**: 49875 - **Publication Date**: 2021-05-17 - **C…

Read more
CVSS 8.2
WordPress Plugin Survey & Poll 1.5.7.3 Unauthenticated SQL Injection Vulnerability
www.vulncheck.com · 2026-05-10

# WordPress Plugin Survey & Poll 1.5.7.3 SQL Injection Vulnerability ## Vulnerability Overview The WordPress plugin **Survey & Poll** version **1.5.7.3** contains an SQL injection vulnerability. Attac…

Read more
CVSS 7.8
Argus Surveillance DVR 4.0 Unquoted Service Path Vulnerability Advisory
www.exploit-db.com · 2026-05-10

# Argus Surveillance DVR 4.0 - Unquoted Service Path Vulnerability ## Vulnerability Overview - **EDB-ID**: 50261 - **Publication Date**: 2021-09-06 - **Author**: Salman Asad (@deathflash1411) - **Type…

Read more
CVSS 6.4
Rocket LMS v1.1 Persistent XSS Vulnerability Advisory with PoC
www.exploit-db.com · 2026-05-10

# Rocket LMS 1.1 - Persistent Cross-Site Scripting (XSS) Vulnerability Summary ## Vulnerability Overview * **Vulnerability Type**: Persistent Cross-Site Scripting (Persistent XSS) * **Vulnerability ID…

Read more
Premium intel
CVSS 8.8
ImpressCMS 1.4.2 Authenticated Remote Code Execution (RCE) Vulnerability Analysis
www.exploit-db.com · 2026-05-10

# ImpressCMS 1.4.2 Remote Code Execution (RCE) Vulnerability Summary ## Vulnerability Overview ImpressCMS version 1.4.2 contains a remote code execution vulnerability. Due to misconfigured Autotasks, …

Read more
Premium intel
CVSS 8.8
Sentry <8.2.2 Authenticated RCE via Pickle Deserialization
www.exploit-db.com · 2026-05-10

# Sentry 8.2.0 Remote Code Execution Vulnerability (RCE) Summary ## Vulnerability Overview * **Vulnerability Name**: Sentry 8.2.0 - Remote Code Execution (RCE) (Authenticated) * **EDB-ID**: 50318 * **…

Read more
CVSS 6.4
WordPress Plugin AccessPress Social Icons 1.8.2 Stored XSS Vulnerability
www.exploit-db.com · 2026-05-10

# Stored Cross-Site Scripting (XSS) Vulnerability in WordPress Plugin AccessPress Social Icons 1.8.2 ## Vulnerability Overview * **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) * **Vu…

Read more
CVSS 6.4
Stored XSS in WordPress Plugin Ultimate Product Catalog <=5.8.2 via price parameter (CVE-79 VE-79)
www.vulncheck.com · 2026-05-10

# WordPress Plugin Ultimate Product Catalog 5.8.2 Stored XSS via price ## Vulnerability Overview - **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) - **Vulnerability ID**: CVE-79 VE-79…

Read more
CVSS 6.4
WordPress Plugin AccessPress Social Icons 1.8.2 Stored XSS Vulnerability Advisory
www.vulncheck.com · 2026-05-10

# WordPress Plugin AccessPress Social Icons 1.8.2 Stored XSS ## Vulnerability Overview - **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) - **Severity**: Medium - **Publication Date**:…

Read more
CVSS 8.2
Balbooa Joomla Forms Builder 2.0.6 Unauthenticated SQL Injection (EDB-50447)
www.exploit-db.com · 2026-05-10

# Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Vulnerability ## Vulnerability Overview * **Vulnerability Type**: SQL Injection (SQLi) * **Vulnerability Status**: Unauthenticated * **EDB-ID**: 50…

Read more
CVSS 6.4
WordPress Picture Gallery 1.4.2 Pre-Auth Stored XSS in 'Edit Content URL'
www.exploit-db.com · 2026-05-10

# WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS) Vulnerability ## Vulnerability Overview This vulnerability exists in the WordPress plugin Picture Galler…

Read more
CVSS 6.4
WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL
www.vulncheck.com · 2026-05-10

# WordPress Picture Gallery 1.4.2 Stored XSS Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: WordPress Picture Gallery 1.4.2 Stored XSS via Edit Content URL - **Vulnerability…

Read more
CVSS 6.4
Exponent CMS 2.6 Stored XSS and Authentication Brute Force Vulnerabilities with POC
www.exploit-db.com · 2026-05-10

# Exponent CMS 2.6 Multiple Vulnerabilities ## Vulnerability Overview This vulnerability involves multiple security issues in Exponent CMS version 2.6, including Stored Cross-Site Scripting (Stored XS…

Read more
CVSS 6.4
WordPress Plugin Contact Form to Email 1.3.24 Stored XSS Vulnerability with POC
www.exploit-db.com · 2026-05-10

# Stored Cross-Site Scripting (XSS) Vulnerability in WordPress Plugin Contact Form to Email 1.3.24 ## Vulnerability Overview - **Vulnerability Type**: Stored Cross-Site Scripting (Stored XSS) - **Auth…

Read more
CVSS 8.2
Opencart TMD Vendor System 3.x Blind SQL Injection Vulnerability (EDB-50493)
www.exploit-db.com · 2026-05-10

# Vulnerability Summary: Opencart 3 Extension TMD Vendor System - Blind SQL Injection ## Vulnerability Overview - **Vulnerability Type**: Blind SQL Injection - **Vulnerability ID**: EDB-ID: 50493 - **…

Read more
CVSS 6.4
Stored XSS Vulnerability in WordPress Contact Form to Email Plugin (CVE-2021-47926)
www.vulncheck.com · 2026-05-10

# WordPress Contact Form to Email 1.3.24 Stored XSS Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: WordPress Contact Form to Email 1.3.24 Stored Cross-Site Scripting (Stored…

Read more
Premium intel
CVSS 8.8
TextPattern CMS 4.8.7 Authenticated Remote Code Execution (RCE) Exploit
www.exploit-db.com · 2026-05-10

# TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated) ## Vulnerability Overview - **EDB-ID**: 49996 - **Author**: Mert Das (mertpreter@gmail.com) - **Type**: Webapps - **Platform**: PHP -…

Read more
CVSS 5.3
OpenCart 3.0.36 CSRF Vulnerability Leading to Account Takeover (ATO)
www.exploit-db.com · 2026-05-10

# OpenCart 3.0.36 - Account Takeover (ATO) via Cross-Site Request Forgery ## Vulnerability Overview OpenCart versions 3.0.36 and below are vulnerable to Cross-Site Request Forgery (CSRF), allowing att…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.