Lucene search
K

884 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47257

A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/add stock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...

6.5CVSS5.5AI score0.002EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47203

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00263EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/07 3:45 a.m.6 views

CVE-2026-11453

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched...

6.5CVSS5.3AI score0.00193EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7113

A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument INSECURENOAUTH results in missing authentication. The attack can be...

6.3CVSS5.3AI score0.00362EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.8 views

CVE-2026-10210

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10566

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

5.3CVSS5.6AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.10 views

CVE-2026-6634

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

6.5CVSS6AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.8 views

CVE-2026-6648

A vulnerability was found in Qibo CMS 1.0. Affected by this vulnerability is an unknown functionality of the component Internal Message Module. Performing a manipulation results in cross site scripting. The attack can be initiated remotely. The exploit has been made public and could be used. The...

5.1CVSS3.9AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.7 views

CVE-2026-7109

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

6.9CVSS5.7AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7199

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deleteproduct. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the atta...

7.5CVSS7.1AI score0.00265EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.8 views

CVE-2026-5970

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function checksolution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. Th...

9.8CVSS6.9AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.9 views

CVE-2026-5962

A vulnerability was detected in Tenda CH22 1.0.0.6468. This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used...

9.8CVSS7AI score0.00537EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.9 views

CVE-2026-7123

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command injection. The attack can be initiated remotely. The...

10CVSS7.4AI score0.01766EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 12:30 a.m.14 views

CVE-2026-11312

Bytedance InfiniStore vulnerable up to 0.2.33 via the purge_kv_map function in infinistore.h (KV Map Handler). Manipulation leads to inefficient algorithmic complexity. Attack requires local access; exploit publicly disclosed. No remediation details provided in the supplied documents.

4.8CVSS5.4AI score0.00112EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/05 12:30 a.m.8 views

CVE-2026-11312 bytedance InfiniStore KV Map infinistore.h purge_kv_map algorithmic complexity

A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purgekvmap in the library /src/infinistore.h of the component KV Map Handler. Performing a manipulation results in inefficient algorithmic complexity. The attack requires a local approach. The...

4.8CVSS4.8AI score0.00112EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-46960

Name of the Vulnerable Software and Affected Versions tittuvarghese CollegeManagementSystem affected versions not specified Description A remote SQL injection can be triggered by manipulating the department code argument within an unknown function of the file 'dashboard page/forms/fetch.php'. SQL...

7.5CVSS7.3AI score0.00284EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46235

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument input data"image" results in use of weak hash. The attac...

3.6CVSS5.1AI score0.00075EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/03 12:15 a.m.9 views

EUVD-2026-34059

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used...

7.5CVSS6.9AI score0.00302EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/02 8:0 p.m.11 views

EUVD-2026-34022

A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800. This impacts an unknown function. The manipulation results in improper authentication. The attack can be executed remotely. The exploit is now public and may be used. This product...

7.5CVSS5.5AI score0.00498EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.10 views

CVE-2026-10234

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00203EPSS
Exploits0References1
Rows per page
Query Builder