PT-2026-30581

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...

PT-2026-30588

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

PT-2026-30690

Name of the Vulnerable Software and Affected Versions Simple IT Discussion Forum version 1.0 Description A SQL injection issue exists due to the manipulation of the cat id argument in the /edit-category.php file. This can be exploited remotely. The exploit has been publicly disclosed...

PT-2026-30696

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed tool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit ha...

PT-2026-30679

Name of the Vulnerable Software and Affected Versions Cyber-III Student-Management-System versions up to 1a938fa61e9f735078e9b291d2e6215b4942af3f Description A SQL injection issue exists in the Parameter Handler component of Cyber-III Student-Management-System. The vulnerability is located in the...

PT-2026-30515

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

Huly Platform 安全漏洞

Huly Platform is an integrated project management platform developed by Huly in open source. Version 0.7.382 of Huly Platform contains a security vulnerability, which stems from the use of a hardcoded secret key in the SERVERSECRET parameter of the JWT Token Handler component...

PT-2026-30579

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /book car.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

PT-2026-30717

A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument emp id causes sql injection. The attack is possible to be carried out remotely. The...

PT-2026-30565

A vulnerability was determined in hcengineering Huly Platform 0.7.382. Affected by this issue is some unknown functionality of the file foundations/core/packages/token/src/token.ts of the component JWT Token Handler. This manipulation of the argument SERVER SECRET with the input secret causes use...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Version 4.2.0 of free5GC contains a security vulnerability, which stems from issues with the NGSetupRequest Handler component and could lead to denial-of-service attacks...

PT-2026-30665

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

PT-2026-30587

A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The...

CVE-2026-5604

A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote...

CVE-2026-5604 Tenda CH22 Parameter CertLocalPrecreate formCertLocalPrecreate stack-based overflow

A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote...

CVE-2026-5604

A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote...

CVE-2026-5604

CVE-2026-5604 affects Tenda CH22 router (version 1.0.0.1). The vulnerability is in the Parameter Handler’s formCertLocalPrecreate function (/goform/CertLocalPrecreate). Manipulation of the argument standard leads to a stack-based buffer overflow, enabling remote code execution. An exploit has bee...

CVE-2026-5601

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...

CVE-2026-5601

CVE-2026-5601 affects Acrel Electrical Prepaid Cloud Platform 1.0, specifically the Backup File Handler . The issue stems from unknown processing of the file /bin.rar , resulting in information disclosure . Exploitation is remote and the exploit has been published. The provided documents do not i...

CVE-2026-5601 Acrel Electrical Prepaid Cloud Platform Backup File bin.rar information disclosure

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...