CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/04/05 4:15 p.m.•21 views

CVE-2026-5580 CodeAstro Online Classroom Parameter addvideos.php sql injection

A vulnerability was identified in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/addvideos.php of the component Parameter Handler. The manipulation of the argument videotitle leads to sql injection. It is possible to initiate the attack remotely. The...

6.5CVSS0.00257EPSS

CVE•added 2026/04/05 4:15 p.m.•4 views

CVE-2026-5580

CVE-2026-5580 affects CodeAstro Online Classroom 1.0. The flaw is in the file /OnlineClassroom/addvideos.php (Parameter Handler) where manipulating the argument videotitle exposes an SQL injection vulnerability. Exploitation can be performed remotely; public exploits are available. Documents indi...

6.5CVSS6.5AI score0.00257EPSS

CVE•added 2026/04/05 4:0 p.m.•10 views

CVE-2026-5579

CVE-2026-5579 affects CodeAstro Online Classroom 1.0. The vulnerability stems from the Parameter Handler, specifically a manipulation of the fname argument in /OnlineClassroom/updatedetailsfromfaculty.php?myfid=108, which can lead to SQL injection. The issue is exploitable remotely, and public di...

6.5CVSS6.5AI score0.00257EPSS

ATTACKERKB•added 2026/04/05 3:45 p.m.•1 views

CVE-2026-5578

A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /OnlineClassroom/addassessment.php of the component Parameter Handler. Performing a manipulation of the argument deleteid results in sql injection. The attack is possible to be carried...

6.5CVSS6.4AI score0.00266EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/05 3:45 p.m.•1 views

CVE-2026-5578 CodeAstro Online Classroom Parameter addassessment.php sql injection

6.5CVSS6.4AI score0.00266EPSS

EUVD•added 2026/04/05 3:31 p.m.•1 views

EUVD-2026-19091

A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element is an unknown function of the file /fs of the component Configuration Data Handler. Such manipulation of the argument File leads to information disclosure. It is possible to launch the attack...

6.9CVSS5.5AI score0.00475EPSS

Exploits1References5

EUVD•added 2026/04/05 3:31 p.m.•2 views

EUVD-2026-19077

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...

7.5CVSS6.9AI score0.00259EPSS

NVD•added 2026/04/05 2:16 p.m.•3 views

CVE-2026-5571

7.5CVSS0.00475EPSS

Cvelist•added 2026/04/05 1:45 p.m.•24 views

CVE-2026-5571 Technostrobe HI-LED-WR120-G2 Configuration Data fs information disclosure

6.9CVSS0.00475EPSS

ATTACKERKB•added 2026/04/05 1:45 p.m.•0 views

CVE-2026-5571

6.9CVSS5.7AI score0.00475EPSS

Vulnrichment•added 2026/04/05 1:45 p.m.•1 views

CVE-2026-5571 Technostrobe HI-LED-WR120-G2 Configuration Data fs information disclosure

6.9CVSS5.7AI score0.00475EPSS

CVE•added 2026/04/05 1:45 p.m.•8 views

CVE-2026-5571

CVE-2026-5571 concerns Technostrobe HI-LED-WR120-G2 with firmware 5.5.0.1R6.03.30. The issue lies in an unknown function within the /fs section of the Configuration Data Handler, where manipulating the File argument disclosure could occur. Reports indicate a remote attack is possible and that an ...

7.5CVSS5.7AI score0.00475EPSS

Exploits1References4Affected Software1

NVD•added 2026/04/05 1:17 p.m.•2 views

CVE-2026-5565

7.5CVSS0.00259EPSS

CVE•added 2026/04/05 12:45 p.m.•15 views

CVE-2026-5567

CVE-2026-5567 applies to Tenda M3 firmware 1.0.0.10, specifically the Destination Handler function setAdvPolicyData. The vulnerability stems from a manipulation of the policyType argument that can cause a buffer overflow, enabling remote execution. Multiple sources in the connected documents conf...

9CVSS7.8AI score0.00632EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2026/04/05 12:45 p.m.•2 views

CVE-2026-5567 Tenda M3 Destination setAdvPolicyData buffer overflow

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS7.8AI score0.00632EPSS

Exploits1References5

EUVD•added 2026/04/05 12:30 p.m.•4 views

EUVD-2026-19069

A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the component Environment Variable Handler. Executing a manipulation can lead to injection. It is...

6.5CVSS6.3AI score0.00291EPSS

EUVD•added 2026/04/05 12:30 p.m.•4 views

EUVD-2026-19056

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00259EPSS

EUVD•added 2026/04/05 12:30 p.m.•1 views

EUVD-2026-19063

A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...

6.5CVSS6.3AI score0.00255EPSS

NVD•added 2026/04/05 12:16 p.m.•2 views

CVE-2026-5564

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The attack may be initiate...

7.5CVSS0.00259EPSS