Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

220444 matches found

Vulnrichment
Vulnrichmentadded 2026/06/08 11:15 a.m.7 views

CVE-2026-11509 CodeAstro Leave Management System search_staff_for_updation.php sql injection

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/searchstaffforupdation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/06/08 11:15 a.m.39 views

CVE-2026-11509 CodeAstro Leave Management System search_staff_for_updation.php sql injection

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/searchstaffforupdation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:0 a.m.5 views

CVE-2026-11508

A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/searchstafftoassignpc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2026/06/08 11:0 a.m.18 views

CVE-2026-11508

CodeAstro Leave Management System 1.0 contains a SQL injection in /admin/search_staff_to_assign_pc.php via manipulation of the Name parameter. The vulnerability is exploitable remotely, with exploit information publicly disclosed and proof-of-concept activity indicated by CVSS/ExploitMaturity dat...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 11:0 a.m.34 views

CVE-2026-11508 CodeAstro Leave Management System search_staff_to_assign_pc.php sql injection

A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/searchstafftoassignpc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 10:45 a.m.36 views

CVE-2026-11507 CodeAstro Leave Management System delete_leave_type.php sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 10:45 a.m.7 views

EUVD-2026-35043

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

6.5CVSS6.4AI score0.002EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 10:45 a.m.5 views

CVE-2026-11507

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

6.5CVSS6.4AI score0.002EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploitadded 2026/06/08 10:37 a.m.94 views

Web_Vulnerability_Assessment

🕸️ Week 03 — Web Vulnerability Assessment & Exploitation In...

10CVSS7.9AI score0.96184EPSS
Exploits28
EUVD
EUVDadded 2026/06/08 10:30 a.m.7 views

EUVD-2026-35042

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...

6.5CVSS6.4AI score0.002EPSS
Exploits0References6
NVD
NVDadded 2026/06/08 10:16 a.m.10 views

CVE-2026-11501

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=savepatient. The manipulation of the argument ID results in sql injection. It is possible to launch the attack...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVDadded 2026/06/08 10:16 a.m.12 views

CVE-2026-11502

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS0.0038EPSS
Exploits0References7
NVD
NVDadded 2026/06/08 10:16 a.m.10 views

CVE-2026-11503

A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function formfastsettingwifiset of the file /goform/fastsettingwifiset of the component Wi-Fi Configuration Endpoint. Such manipulation of the argument ssid leads to stack-based buffer overflow. The...

9CVSS0.00796EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/08 10:15 a.m.5 views

CVE-2026-11505 GL.iNet XE3000 glnassys hard-coded key

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5.2AI score0.0019EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 10:15 a.m.8 views

EUVD-2026-35040

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5.2AI score0.0019EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 10:15 a.m.38 views

CVE-2026-11505 GL.iNet XE3000 glnassys hard-coded key

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS0.0019EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 10:0 a.m.3 views

CVE-2026-11504

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

9CVSS8.4AI score0.00466EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 10:0 a.m.6 views

CVE-2026-11504 Tenda CX12L Wi-Fi Schedule Configuration Endpoint openSchedWifi setSchedWifi stack-based overflow

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
CVE
CVEadded 2026/06/08 10:0 a.m.14 views

CVE-2026-11504

The CVE-2026-11504 entry concerns Tenda CX12L firmware 16.03.53.12. The vulnerability exists in the Wi‑Fi Schedule Configuration Endpoint, specifically the setSchedWifi function in /goform/openSchedWifi. Crafting the schedStartTime or schedEndTime argument causes a stack‑based buffer overflow, en...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 10:0 a.m.8 views

EUVD-2026-35039

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
Rows per page
Query Builder