Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

220444 matches found

EUVD
EUVDadded 2026/06/08 12:30 a.m.11 views

EUVD-2026-34999

A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=roomtypes. Performing a manipulation of the argument room results in cross site scripting. The attack is possible to be carried out...

4.8CVSS4.1AI score0.00347EPSS
Exploits0References7
EUVD
EUVDadded 2026/06/08 12:30 a.m.6 views

EUVD-2026-34997

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS5.2AI score0.00253EPSS
Exploits0References8
EUVD
EUVDadded 2026/06/08 12:30 a.m.11 views

EUVD-2026-34992

A vulnerability has been found in NousResearch hermes-agent up to 0.12.0. This affects the function resolvesessionbytitle of the file hermesstate.py of the component resume Endpoint. Such manipulation of the argument Title leads to authorization bypass. It is possible to launch the attack remotel...

6.5CVSS5.1AI score0.00225EPSS
Exploits0References7
EUVD
EUVDadded 2026/06/08 12:30 a.m.8 views

EUVD-2026-34994

A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler. Executing a manipulation can lead to type confusion. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor...

7.5CVSS5.1AI score0.00313EPSS
Exploits0References8
CVE
CVEadded 2026/06/08 12:30 a.m.27 views

CVE-2026-11472

The CVE-2026-11472 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is an SQL injection in the /index1.php file triggered by manipulating the Password parameter. It is remotely exploitable and the exploit has been publicly disclosed (PoC activity indicated). No spec...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 12:30 a.m.40 views

CVE-2026-11472 SourceCodester Class and Exam Timetabling System index1.php sql injection

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 12:30 a.m.4 views

CVE-2026-11472

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2026/06/08 12:16 a.m.9 views

CVE-2026-11467

A security vulnerability has been detected in jishenghua jshERP up to 3.6. This vulnerability affects the function addAccountHeadAndDetail of the file jshERP-boot/src/main/java/com/jsh/erp/service/AccountHeadService.java of the component addAccountHeadAndDetail Endpoint. Such manipulation of the...

5.5CVSS0.00323EPSS
Exploits0References6
NVD
NVDadded 2026/06/08 12:16 a.m.11 views

CVE-2026-11468

A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=roomtypes. Performing a manipulation of the argument room results in cross site scripting. The attack is possible to be carried out...

4.8CVSS0.00347EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 12:15 a.m.10 views

EUVD-2026-35002

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 12:15 a.m.35 views

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 12:15 a.m.5 views

CVE-2026-11471

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 12:15 a.m.6 views

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 12:0 a.m.39 views

CVE-2026-11470 hs-web hsweb-framework File Upload FileUploadProperties.java denied path traversal

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

6.5CVSS0.00424EPSS
Exploits0References8
EUVD
EUVDadded 2026/06/08 12:0 a.m.8 views

EUVD-2026-35001

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

6.5CVSS6AI score0.00424EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/06/08 12:0 a.m.3 views

CVE-2026-11470

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

6.5CVSS6AI score0.00424EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 12:0 a.m.7 views

CVE-2026-11470 hs-web hsweb-framework File Upload FileUploadProperties.java denied path traversal

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

6.5CVSS6AI score0.00424EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.8 views

PT-2026-47335

A security flaw has been discovered in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin login.php of the component Administrator Login Endpoint. Performing a manipulation of the argument a usr/a pwd results...

7.5CVSS5.3AI score0.00328EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.11 views

PT-2026-47253

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input as part of POST leads to cross site scripting. I...

4.8CVSS3.8AI score0.00223EPSS
Exploits0References7
Packet Storm
Packet Stormadded 2026/06/08 12:0 a.m.33 views

📄 WordPress Burst Statistics 3.4.1.1 Authentication Bypass

WordPress Burst Statistics plugin versions 3.4.0 through 3.4.1.1 authentication bypass to administrative takeover exploitation framework. ================================================================================================================================== | Title : WordPress 3.4.1.1...

9.8CVSS5.4AI score0.03076EPSS
Exploits9
Rows per page
Query Builder