22065 matches found
CVE-2026-5542
The CVE αφορά code-projects Simple Laundry System 1.0. Vulnerable is an unknown function in the Parameter Handler, specifically in the file /modstaffinfo.php where manipulating the userid argument can trigger cross-site scripting. The issue is exploitable remotely and the exploit has been publicl...
CVE-2026-5541
A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /modmemberinfo.php of the component Parameter Handler. Performing a manipulation of the argument userid results in cross site scripting. The attack may be initiated remotel...
CVE-2026-5541
CVE-2026-5541 affects code-projects Simple Laundry System 1.0, specifically the Parameter Handler’s modmemberinfo.php. Affected entry arises from manipulating the userid argument, causing cross-site scripting. The vulnerability can be triggered remotely and an exploit is public. Document does not...
EUVD-2026-19017
A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...
EUVD-2026-19015
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
CVE-2026-5539 code-projects Simple Laundry System Parameter modifymember.php cross site scripting
A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /modifymember.php of the component Parameter Handler. This manipulation of the argument firstName causes cross site scripting. The attack can be initiated remotely. The exploit has been...
CVE-2026-5535
A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...
CVE-2026-5534
A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...
CVE-2026-5533
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
CVE-2026-5535
FedML-AI FedML up to 0.8.9 has a path traversal flaw in the MQTT Message Handler’s FileUtils.java triggered by manipulating the dataSet argument. The issue is remotely exploitable and an exploit has been publicly released. Affected component: MQTT Message Handler (FileUtils.java) within FedML-Fed...
CVE-2026-5535 FedML-AI FedML MQTT Message FileUtils.java path traversal
A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...
CVE-2026-5535 FedML-AI FedML MQTT Message FileUtils.java path traversal
A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...
CVE-2026-5535
A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...
CVE-2026-5534
CVE-2026-5534 affects the itsourcecode Online Enrollment System 1.0. The vulnerability is in an unknown function of the component Parameter Handler, specifically the file /sms/user/index.php?view=edit&id=10, where manipulation of the USERID parameter leads to SQL injection. It can be exploited re...
CVE-2026-5533
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
CVE-2026-5533 badlogic pi-mono SVG Artifact SvgArtifact.ts cross site scripting
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
CVE-2026-5533 badlogic pi-mono SVG Artifact SvgArtifact.ts cross site scripting
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
EUVD-2026-19003
A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...
CVE-2026-5530
Ollama up to 18.1 contains a flaw in the Model Pull API’s file server/download.go that allows manipulation leading to server-side request forgery (SSRF). The issue can be exploited remotely. Connected sources confirm the vulnerable component and impact, but no vendor patch or remediation is docum...
PT-2026-30430
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...