Lucene search
K

62712 matches found

Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-55823

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit exam1.php file where a manipulation of the ID argument can lead to SQL injection, a technique used to interfere with the queries that an...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55773

Name of the Vulnerable Software and Affected Versions SourceCodester Onlne Examination & Learning Management System version 1.0 Description An issue exists in the Registration Endpoint within the register.php file. A remote attacker can manipulate the role argument to cause improper privilege...

7.5CVSS7.1AI score0.00288EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago14 views

PT-2026-55761

Name of the Vulnerable Software and Affected Versions code-projects Internship Management System version 1.0 Description An issue exists in the Employer Login Endpoint within the file employer/login.php. The manipulation of the email and password arguments allows for SQL injection, which is a...

7.5CVSS7.1AI score0.00263EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-55785

Name of the Vulnerable Software and Affected Versions Hanwang e-Face General Management Platform version 6.3.5.4 Description A SQL injection issue exists in the /sysAuthStr/querySysAuthStr.do endpoint. This occurs when the manipulation of the argument order allows a remote attacker to execute...

7.5CVSS7.3AI score0.00259EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55800

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description A remote SQL injection flaw exists in the /admin/add room.php endpoint. The issue occurs when manipulating the delete image, edit, description, number, price, rooms, or type...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55792

Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description An issue exists in the /addprojectsale.php endpoint where the manipulation of the amen variable allows for SQL injection. This allows a remote attacker to interfere with the database...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References9
NVD
NVD
added 5 days ago10 views

CVE-2026-14660

A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results in sql injection. The attack may be initiated remotely. The exploit has been made public and could...

7.5CVSS0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-14683

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results...

4.8CVSS5.4AI score0.00118EPSS
Exploits0References7
NVD
NVD
added 5 days ago7 views

CVE-2026-14656

A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed...

5.3CVSS0.00443EPSS
Exploits0References6
CVE
CVE
added 5 days ago15 views

CVE-2026-14658

The CVE-2026-14658 issue affects code-projects Assessment Management 1.0, specifically the file /lecturer/marking-scheme.php. The vulnerability is an SQL injection caused by manipulating the parameter smarksrange[]; it enables remote exploitation. Public exploit information is noted in the descri...

6.5CVSS6.5AI score0.00319EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago47 views

CVE-2026-14658 code-projects Assessment Management marking-scheme.php sql injection

A vulnerability was detected in code-projects Assessment Management 1.0. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange results in sql injection. It is possible to launch the attack remotely. The exploit is now public...

6.5CVSS0.00319EPSS
Exploits0References6
CVE
CVE
added 5 days ago14 views

CVE-2026-14656

CVE-2026-14656 affects code-projects Assessment Management 1.0, with a vulnerability in an unspecified part of /admin/remove-user.php where manipulating the ID parameter enables cross-site scripting. The issue is exploitable remotely and the exploit has been publicly disclosed. CVSS metrics indic...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
NVD
NVD
added 5 days ago6 views

CVE-2026-14653

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument userid causes sql injection. Remote exploitation of the attack is possible. The exploit has...

7.5CVSS0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-14655 code-projects Assessment Management view-users.php cross site scripting

A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argument User can lead to cross site scripting. The attack may be performed from remote. The exploit ha...

4.8CVSS0.00347EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-14654 SourceCodester Simple and Nice Shopping Cart Script girlsproductdeletequery.php sql injection

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit is publicly...

7.5CVSS0.00412EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-41697

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument userid causes sql injection. Remote exploitation of the attack is possible. The exploit has...

7.5CVSS6.8AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-14653 SourceCodester Simple and Nice Shopping Cart Script mensproductdeletequery.php sql injection

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the argument userid causes sql injection. Remote exploitation of the attack is possible. The exploit has...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVD
added 5 days ago8 views

CVE-2026-14640

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...

7.5CVSS0.00263EPSS
Exploits0References6
CVE
CVE
added 5 days ago16 views

CVE-2026-14641

SourceCodester Class and Exam Timetabling System 1.0 is affected by a SQL injection in the unknown functionality of /edit_course.php, triggered by manipulating the ID parameter. The vulnerability can be exploited remotely and has publicly disclosed exploits. The exact affected component, impact s...

7.5CVSS6.9AI score0.00416EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-14640 CodeAstro Apartment Visitor Management System Login index.php sql injection

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...

7.5CVSS0.00263EPSS
Exploits0References6
Rows per page
Query Builder