Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

216499 matches found

NVD
NVDadded 2026/04/10 4:17 a.m.2 views

CVE-2026-6006

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

6.5CVSS0.00196EPSS
Exploits0References5
NVD
NVDadded 2026/04/10 4:17 a.m.4 views

CVE-2026-6007

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS0.00196EPSS
Exploits0References5
NVD
NVDadded 2026/04/10 4:17 a.m.8 views

CVE-2026-6005

A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematologyprint.php. Executing a manipulation of the argument hemid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS0.00196EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/10 3:30 a.m.28 views

CVE-2026-6010 CodeAstro Online Classroom takeassessment2.php sql injection

A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Performing a manipulation of the argument Q1 results in sql injection. Remote exploitation of the attac...

6.5CVSS0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/10 3:30 a.m.4 views

CVE-2026-6010

A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Performing a manipulation of the argument Q1 results in sql injection. Remote exploitation of the attac...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/10 3:30 a.m.20 views

CVE-2026-6010

CodeAstro Online Classroom (v1.0/2.php) contains an SQL injection in /OnlineClassroom/takeassessment2.php?exid=14. Manipulating the Q1 argument allows remote exploitation. The vulnerability is publicly exploit-ready per the CVE description; no remediation details are provided in the available doc...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
NVD
NVDadded 2026/04/10 3:16 a.m.2 views

CVE-2026-6004

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

7.5CVSS0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/10 3:15 a.m.1 views

CVE-2026-6007

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/10 3:15 a.m.1 views

CVE-2026-6007 itsourcecode Construction Management System del.php sql injection

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/10 3:0 a.m.1 views

CVE-2026-6006 code-projects Patient Record Management System edit_hpatient.php sql injection

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
CVE
CVEadded 2026/04/10 3:0 a.m.8 views

CVE-2026-6006

The vulnerability affects code-projects Patient Record Management System 1.0, specifically the /edit_hpatient.php function where manipulating the ID parameter leads to a SQL injection. The issue is exploitable remotely and is described as a proof-of-concept in the provided details. No explicit re...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
CVE
CVEadded 2026/04/10 2:45 a.m.16 views

CVE-2026-6005

CVE-2026-6005 affects code-projects Patient Record Management System 1.0; the vulnerable component is hematology_print.php, where manipulating the hem_id parameter enables SQL injection. Exploitation is possible remotely and an exploit has been published. The provided documents do not include any...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/10 2:45 a.m.3 views

CVE-2026-6005

A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematologyprint.php. Executing a manipulation of the argument hemid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/10 2:30 a.m.3 views

CVE-2026-6004 code-projects Simple IT Discussion Forum delete-category.php sql injection

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

7.5CVSS7AI score0.00254EPSS
Exploits0References5
CVE
CVEadded 2026/04/10 2:30 a.m.11 views

CVE-2026-6004

The vulnerability affects code-projects Simple IT Discussion Forum 1.0, specifically the /delete-category.php handler where manipulating the cat_id parameter triggers a SQL injection. The issue stems from unsafely handling input in that function, enabling a remote attacker to interact with the da...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/10 12:0 a.m.4 views

PT-2026-31889

Name of the Vulnerable Software and Affected Versions code-projects Simple IT Discussion Forum version 1.0 Description A flaw exists in code-projects Simple IT Discussion Forum version 1.0 that allows for SQL injection via manipulation of the Category argument in the /add-category-function.php...

7.5CVSS7AI score0.00367EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/04/10 12:0 a.m.3 views

PT-2026-31895

Name of the Vulnerable Software and Affected Versions CodeAstro Online Classroom version 1.0 Description A SQL injection issue exists due to manipulation of the fname argument in the file '/updatedetailsfromstudent.php?eno=146891650'. This can be exploited remotely. The exploit has been publicly...

6.5CVSS6.4AI score0.00205EPSS
Exploits0References9
Cvelist
Cvelistadded 2026/04/10 12:0 a.m.21 views

CVE-2026-36233

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without the need for...

0.00319EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/04/10 12:0 a.m.23 views

CVE-2026-36236

SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in updatepassword.php via the newpassword parameter...

0.00319EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/04/10 12:0 a.m.27 views

CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $GET'classId' is directly concatenated into the SQL query without any sanitization or validation...

0.00319EPSS
Exploits1References1
Rows per page
Query Builder