Lucene search
K

62693 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-14690

A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...

7.5CVSS0.00288EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-14690

A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-14690 SourceCodester Multi-Vendor Online Grocery Management System Users.php save_users improper authorization

A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...

7.5CVSS0.00288EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-41712

A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
CVE
CVE
added 4 days ago16 views

CVE-2026-14690

Affected product: SourceCodester Multi-Vendor Online Grocery Management System 1.0. Vulnerable component: function save_users in classes/Users.php. Root cause: manipulation leads to improper authorization. Impact described: remote exploitation is possible and the exploit has been made publicly av...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
NVD
NVD
added 4 days ago8 views

CVE-2026-14688

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

7.5CVSS0.00281EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-14687 666ghj BettaFish InsightEngine search-result Deduplication agent.py _deduplicate_results partial string comparison

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS0.00332EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41709

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS5.8AI score0.00332EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-55823

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit exam1.php file where a manipulation of the ID argument can lead to SQL injection, a technique used to interfere with the queries that an...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-55821

Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description Remote SQL injection is possible due to improper processing of the Bankname variable within the '/pay.php' endpoint. SQL injection is a technique where an attacker inserts malicious SQL...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-55800

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description A remote SQL injection flaw exists in the /admin/add room.php endpoint. The issue occurs when manipulating the delete image, edit, description, number, price, rooms, or type...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-55792

Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description An issue exists in the /addprojectsale.php endpoint where the manipulation of the amen variable allows for SQL injection. This allows a remote attacker to interfere with the database...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References9
NVD
NVD
added 5 days ago9 views

CVE-2026-14660

A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results in sql injection. The attack may be initiated remotely. The exploit has been made public and could...

7.5CVSS0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-14683

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results...

4.8CVSS5.4AI score0.00118EPSS
Exploits0References7
NVD
NVD
added 5 days ago7 views

CVE-2026-14656

A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed...

5.3CVSS0.00443EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago45 views

CVE-2026-14658 code-projects Assessment Management marking-scheme.php sql injection

A vulnerability was detected in code-projects Assessment Management 1.0. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange results in sql injection. It is possible to launch the attack remotely. The exploit is now public...

6.5CVSS0.00319EPSS
Exploits0References6
CVE
CVE
added 5 days ago15 views

CVE-2026-14658

The CVE-2026-14658 issue affects code-projects Assessment Management 1.0, specifically the file /lecturer/marking-scheme.php. The vulnerability is an SQL injection caused by manipulating the parameter smarksrange[]; it enables remote exploitation. Public exploit information is noted in the descri...

6.5CVSS6.5AI score0.00319EPSS
Exploits0References6
CVE
CVE
added 5 days ago14 views

CVE-2026-14656

CVE-2026-14656 affects code-projects Assessment Management 1.0, with a vulnerability in an unspecified part of /admin/remove-user.php where manipulating the ID parameter enables cross-site scripting. The issue is exploitable remotely and the exploit has been publicly disclosed. CVSS metrics indic...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
NVD
NVD
added 5 days ago6 views

CVE-2026-14653

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument userid causes sql injection. Remote exploitation of the attack is possible. The exploit has...

7.5CVSS0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-14655 code-projects Assessment Management view-users.php cross site scripting

A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argument User can lead to cross site scripting. The attack may be performed from remote. The exploit ha...

4.8CVSS0.00347EPSS
Exploits0References6
Rows per page
Query Builder