Lucene search
K

221024 matches found

CVE
CVE
added 1 hour ago4 views

CVE-2026-14689

A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apartmentno results in sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 2 hours ago5 views

EUVD-2026-41710

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

7.5CVSS6.9AI score
Exploits0References6
CVE
CVE
added 2 hours ago3 views

CVE-2026-14687

Affected software: 666ghj BettaFish (≤1.2.1). Vulnerable component: InsightEngine search-result Deduplication, specifically function _deduplicate_results in InsightEngine/agent.py. Root cause: manipulation can cause partial string comparison. Impact: remote exploitation possible. Publicly disclos...

6.9CVSS5.8AI score
Exploits0References7
CVE
CVE
added 3 hours ago6 views

CVE-2026-14686

Technical details about this CVE are not publicly available in the provided documents. Monitor for updates.

4.8CVSS5.5AI score
Exploits0References6
EUVD
EUVD
added 3 hours ago3 views

EUVD-2026-41708

A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...

4.8CVSS5.5AI score
Exploits0References6
CVE
CVE
added yesterday7 views

CVE-2026-14685

HdrHistogram (up to 2.2.2) contains a vulnerability in AbstractHistogram.recordValueWithCount. The flaw involves manipulation of the Count argument in AbstractHistogram.java, causing a state issue. A local-execution vulnerability with publicly disclosed exploit exists; the issue is being tracked ...

4.8CVSS5.3AI score
Exploits0References6
CVE
CVE
added yesterday6 views

CVE-2026-14684

HdrHistogram up to 2.2.2 is affected in org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer. The issue arises from manipulating the argument numberOfSignificantValueDigits in AbstractHistogram.java, leading to uncontrolled memory allocation. Attack requires local access. An exploit has been p...

4.8CVSS5.4AI score
Exploits0References6
CVE
CVE
added yesterday10 views

CVE-2026-14683

CVE-2026-14683 affects HdrHistogram up to 2.2.2. The vulnerability is in org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer, where manipulating lengthOfCompressedContents can trigger uncontrolled memory allocation. Exploitation is local, and a public exploit exists. The issue was r...

4.8CVSS5.4AI score
Exploits0References7
CVE
CVE
added yesterday6 views

CVE-2026-14660

The CVE-2026-14660 entry concerns code-projects Online Job Portal 1.0. The vulnerability lies in login.php where manipulating the arguments txtUser/txtPass causes SQL injection. Attack could be performed remotely and an exploit has been publicly released. Affected component: login handling in Onl...

7.5CVSS6.8AI score
Exploits0References6
CVE
CVE
added yesterday5 views

CVE-2026-14657

CVE-2026-14657 describes a SQL injection flaw in the code-projects Assessment Management 1.0, affecting the Database Query Handler. The vulnerability arises from how the argument squestions[] is processed in the file /lecturer/marking-scheme.php, enabling remote exploitation. The exploit is publi...

6.5CVSS6.4AI score
Exploits0References6
CVE
CVE
added yesterday7 views

CVE-2026-14655

CVE-2026-14655 affects code-projects Assessment Management 1.0. The vulnerability is in an unknown functionality of the file admin/view-users.php , where manipulating the argument User can lead to cross-site scripting (XSS) . The attack is described as possible to be performed from remote, with a...

4.8CVSS4.1AI score
Exploits0References6
EUVD
EUVD
added yesterday3 views

EUVD-2026-41698

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit is publicly...

7.5CVSS6.9AI score
Exploits0References6
EUVD
EUVD
added yesterday3 views

EUVD-2026-41696

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit ha...

7.5CVSS6.8AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14651

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS5.1AI score
Exploits0References6Affected Software1
EUVD
EUVD
added yesterday3 views

EUVD-2026-41695

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS5.1AI score
Exploits0References6
CVE
CVE
added yesterday6 views

CVE-2026-14650

Technical details about CVE-2026-14650 are not publicly available in the provided documents. Monitor for updates.

4.8CVSS5.5AI score
Exploits0References6
CVE
CVE
added yesterday5 views

CVE-2026-14649

The CVE-2026-14649 entry concerns code-projects Online Voting System 1.0. The vulnerability is in the test_input function of /saveVote.php, where manipulating the arguments voterName, voterEmail, voterID, or selectedCandidate leads to SQL injection. The flaw is exploitable remotely over the netwo...

7.5CVSS7AI score
Exploits0References6
CVE
CVE
added yesterday6 views

CVE-2026-14642

SourceCodester Class and Exam Timetabling System 1.0 contains a SQL injection in the /edit_class2.php endpoint caused by unsafely manipulated ID parameter. The vulnerability is remote and publicly exploitable (PoC). CVSS data from multiple sources indicate a NETWORK attack with low complexity and...

7.5CVSS6.9AI score
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-41689

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /editcourse.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit h...

7.5CVSS6.9AI score
Exploits0References7
EUVD
EUVD
added yesterday4 views

EUVD-2026-41688

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...

7.5CVSS6.8AI score
Exploits0References6
Rows per page
Query Builder