CVE-2026-6650 Z-BlogPHP ZBA File app_upload.php UnPack unrestricted upload

A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zbusers/plugin/AppCentre/appupload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available an...

CVE-2026-6650 Z-BlogPHP ZBA File app_upload.php UnPack unrestricted upload

A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zbusers/plugin/AppCentre/appupload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available an...

CVE-2026-6220

A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possibl...

CVE-2026-5960

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

CVE-2026-6000

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

CVE-2026-6000

CVE-2026-6000 affects code-projects Online Library Management System 1.0, specifically the SQL Database Backup File Handler component handling the file /sql/library.sql. A manipulation of an unknown function leads to information disclosure. The vulnerability allows a remote attacker to access sen...

CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

CVE-2026-5847 code-projects Movie Ticketing System SQL Database Backup File moviedb.sql information disclosure

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

CVE-2026-5847

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

PT-2026-31636

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

Code-Projects Patient Record Management System 访问控制错误漏洞

The Code-Projects Patient Record Management System is an open-source medical record management system developed by Code-Projects. Version 1.0 of the Code-Projects Patient Record Management System contains a vulnerability related to access control. This vulnerability stems from an information...

Code-Projects Movie Ticketing System 访问控制错误漏洞

The Code-Projects Movie Ticketing System is an open-source movie ticketing system developed by Code-Projects. Version 1.0 of the Code-Projects Movie Ticketing System contains a security vulnerability related to access control. This vulnerability stems from an information leakage issue in the...

Directory Traversal

Overview emmett is a The web framework for inventors Affected versions of this package are vulnerable to Directory Traversal via the RSGI static handler for internal assets. An attacker can access arbitrary files outside the intended directory by sending specially crafted requests containing...

CVE-2026-5666

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

CVE-2026-5601

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...

EUVD-2026-19364

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

CVE-2026-5666

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

CVE-2026-5659 pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization

A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.setstate of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been mad...

CVE-2026-5659 pytries datrie trie File datrie.pyx Trie.__setstate__ deserialization

A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.setstate of the file src/datrie.pyx of the component trie File Handler. The manipulation results in deserialization. The attack can be launched remotely. The exploit has been mad...

EUVD-2026-19132

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...