CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/06 10:57 a.m.•3 views

CVE-2026-5554

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00259EPSS

RedhatCVE•added 2026/04/06 10:57 a.m.•3 views

CVE-2026-5549

A vulnerability was determined in Tenda AC10 16.03.10.10multiTDE01. Affected by this issue is some unknown functionality of the file /webrootro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The atta...

7.5CVSS5.8AI score0.00395EPSS

RedhatCVE•added 2026/04/06 10:57 a.m.•4 views

CVE-2026-5551

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS6.9AI score0.00259EPSS

EUVD•added 2026/04/06 9:31 a.m.•1 views

EUVD-2026-19200

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS5.8AI score0.00259EPSS

EUVD•added 2026/04/06 9:31 a.m.•2 views

EUVD-2026-19203

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS5.8AI score0.00259EPSS

NVD•added 2026/04/06 9:16 a.m.•2 views

CVE-2026-5637

7.5CVSS0.00259EPSS

NVD•added 2026/04/06 9:16 a.m.•5 views

CVE-2026-5639

A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The...

6.5CVSS0.00246EPSS

NVD•added 2026/04/06 9:16 a.m.•10 views

CVE-2026-5640

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS0.00192EPSS

CVE•added 2026/04/06 9:15 a.m.•6 views

CVE-2026-5641

The CVE-2026-5641 issue affects PHPGurukul Online Shopping Portal Project 2.1, specifically the /admin/update-image1.php file in the Parameter Handler. The vulnerability arises from manipulating the filename argument, leading to SQL injection. It can be exploited remotely, and the exploit has bee...

6.5CVSS6.3AI score0.00196EPSS

ATTACKERKB•added 2026/04/06 9:15 a.m.•2 views

CVE-2026-5641

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

6.5CVSS6.3AI score0.00196EPSS

Exploits0References5Affected Software1

CVE•added 2026/04/06 9:0 a.m.•14 views

CVE-2026-5640

The CVE-2026-5640 entry concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is an SQL injection in an unknown function within /admin/update-image2.php of the Parameter Handler, triggered by manipulating the filename argument. It is described as remotely exploitable and publi...

6.5CVSS6.4AI score0.00192EPSS

Cvelist•added 2026/04/06 8:45 a.m.•31 views

CVE-2026-5639 PHPGurukul Online Shopping Portal Project Parameter update-image3.php sql injection

6.5CVSS0.00246EPSS

NVD•added 2026/04/06 8:16 a.m.•2 views

CVE-2026-5634

7.5CVSS0.00259EPSS

CVE•added 2026/04/06 8:15 a.m.•10 views

CVE-2026-5637

CVE-2026-5637 affects projectworlds Car Rental System 1.0. The vulnerability lies in the Parameter Handler’s unknown code path that manipulates the Message argument in /message_admin.php, leading to an SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly (explo...

7.5CVSS6.9AI score0.00259EPSS

Vulnrichment•added 2026/04/06 8:15 a.m.•2 views

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

7.5CVSS6.9AI score0.00259EPSS

CVE•added 2026/04/06 8:0 a.m.•9 views

CVE-2026-5636

CVE-2026-5636 affects PHPGurukul Online Shopping Portal Project 2.1, specifically an issue in the Parameter Handler for the /cancelorder.php endpoint. Manipulation of the argument oid enables SQL injection, with remote exploitation possible. The description notes that an exploit has been made pub...

ATTACKERKB•added 2026/04/06 8:0 a.m.•2 views

CVE-2026-5636

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/06 7:45 a.m.•1 views

CVE-2026-5635 PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

ATTACKERKB•added 2026/04/06 7:45 a.m.•4 views

CVE-2026-5635