CVE-2026-14716
A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.13.0-beta.2. Impacted is the function MethodRouter.Handle of the file internal/gateway/router.go of the component WebSocket RPC Handler. Such manipulation leads to incorrect authorization. The attack may be launched...
CVE-2026-14713
A security flaw has been discovered in SourceCodester Pizzafy E-Commerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirmorder. The manipulation of the argument ID results in SQL injection. The attack can be launched remotely. The exploit has been...
CVE-2026-14705
A vulnerability was determined in code-projects Online Examination 1.0. Affected by this issue is some unknown functionality of the file head.php. Executing a manipulation of the argument uname/password can lead to SQL injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-14704
A vulnerability was found in stephen-kruger bluebox up to 4.5.12. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument code results in cross-site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could ...
CVE-2026-14701
A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/changepassword.php of the component Password Change Endpoint. The manipulation of the argument Current results in SQL injection. The attack can be executed...
CVE-2026-14698
A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2026-14695
Summary: CVE-2026-14695 affects SourceCodester Multi-Vendor Online Grocery Management System 1.0. The vulnerability exists in the Registration Handler’s function save_client (file: classes/Users.php) where manipulation of the Name argument enables an SQL injection. The issue can be triggered remo...
EUVD-2026-41718
A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveclient of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in SQL injection. It is possible to launch the...
CVE-2026-14693
SourceCodester Multi-Vendor Online Grocery Management System 1.0 contains a vulnerability in the cancel_order function (classes/Master.php) that allows improper authorization via remote manipulation. The issue has an exploit published and is considered exploitable with proof-of-concept maturity. ...
EUVD-2026-41715
A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function saveshoptype of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in SQL injection. The attack is possible to be...
EUVD-2026-41712
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...
CVE-2026-14689
CodeAstro Apartment Visitor Management System 1.0 contains a SQL injection flaw in the add-apartment.php handler (parameter apartmentno). The vulnerability arises from unsafely handling the argument, enabling remote exploitation. Public exploits exist. Impact in CVSS terms is MEDIUM with potentia...
EUVD-2026-41711
A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apartmentno results in SQL injection. The attack may be launched remotely. The...
EUVD-2026-41710
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to SQL injection. The attack may be initiated remotely. The exploit is publicly available and...
CVE-2026-14687
Affected software: 666ghj BettaFish (≤1.2.1). Vulnerable component: InsightEngine search-result Deduplication, specifically function _deduplicate_results in InsightEngine/agent.py. Root cause: manipulation can cause partial string comparison. Impact: remote exploitation possible. Publicly disclos...
CVE-2026-14686
Technical details about this CVE are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-41708
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...
CVE-2026-14685
HdrHistogram (up to 2.2.2) contains a vulnerability in AbstractHistogram.recordValueWithCount. The flaw involves manipulation of the Count argument in AbstractHistogram.java, causing a state issue. A local-execution vulnerability with publicly disclosed exploit exists; the issue is being tracked ...
CVE-2026-14684
HdrHistogram up to 2.2.2 is affected in org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer. The issue arises from manipulating the argument numberOfSignificantValueDigits in AbstractHistogram.java, leading to uncontrolled memory allocation. Attack requires local access. An exploit has been p...
CVE-2026-14683
CVE-2026-14683 affects HdrHistogram up to 2.2.2. The vulnerability is in org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer, where manipulating lengthOfCompressedContents can trigger uncontrolled memory allocation. Exploitation is local, and a public exploit exists. The issue was r...