Lucene search
K

846 matches found

Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7618

MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...

6.9CVSS5.6AI score0.005EPSS
Exploits0References4
OSV
OSV
added 2026/02/10 12:28 a.m.4 views

GHSA-37CX-329C-33X3 go-git improperly verifies data integrity values for .idx and .pack files

Impact A vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not properly verified. This resulted in go-git potentially consuming corrupted files, which would likely result in unexpected errors such as object not found. For context, clients fetch...

4.3CVSS5.6AI score0.00136EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/09 11:23 p.m.4 views

Improper Validation of Integrity Check Value

Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value for .idx and .pack files. An attacker can cause the application to consume corrupted files, leading to unexpected errors, due to checksums not being checked in the loadIdxFile function...

5.3CVSS5.7AI score0.00136EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/09 11:16 p.m.5 views

CVE-2026-25934

go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not properly verified. This resulted in go-git potentially consuming corrupted files, which would like...

4.3CVSS7.1AI score0.00136EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/09 7:23 p.m.7 views

CVE-2026-2176

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

8.8CVSS5.5AI score0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/09 8:2 a.m.5 views

CVE-2026-2223 code-projects Online Reviewer System index.php sql injection

A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/take/index.php. The manipulation of the argument ID leads to sql injection. It is possible to initia...

7.5CVSS5.6AI score0.00435EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/08 10:2 p.m.8 views

EUVD-2026-5761

A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be us...

9.8CVSS5.4AI score0.00381EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/08 10:2 p.m.4 views

CVE-2026-2189 itsourcecode School Management System index.php sql injection

A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be us...

7.5CVSS5.6AI score0.00381EPSS
Exploits1References5
OSV
OSV
added 2026/02/08 7:16 p.m.4 views

CVE-2026-2176

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

8.8CVSS5.8AI score0.00243EPSS
Exploits0References4
NVD
NVD
added 2026/02/08 7:16 p.m.9 views

CVE-2026-2176

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

8.8CVSS0.00243EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/08 7:2 p.m.25 views

CVE-2026-2176 code-projects Contact Management System index.py sql injection

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

6.5CVSS0.00243EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/08 7:2 p.m.6 views

EUVD-2026-5774

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

8.8CVSS5.4AI score0.00243EPSS
Exploits0References4
CVE
CVE
added 2026/02/08 7:2 p.m.13 views

CVE-2026-2176

CVE-2026-2176 affects code-projects Contact Management System 1.0. The issue is a SQL injection caused by manipulating the argument selecteditem[0] in the file index.py, with remote execution possible. Multiple connected sources corroborate the vulnerability in index.py and its impact, without pr...

8.8CVSS6.5AI score0.00243EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.4 views

Xcode MCP Server 命令注入漏洞

Xcode MCP Server is an Xcode-compatible context protocol server developed by R. Huijts. Xcode MCP Server has a command injection vulnerability, which stems from incorrect handling of the args parameter in the src/tools/xcode/index.ts file, potentially leading to command injection...

8.8CVSS6.6AI score0.02953EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.6 views

Code-Projects Online Application System for Admission SQL注入漏洞

Code-Projects Online Application System for Admission is an online application system developed by Code-Projects. Version 1.0 of the Code-Projects Online Application System for Admission contains a SQL injection vulnerability. This vulnerability stems from incorrect operations with the...

9.8CVSS7.2AI score0.00391EPSS
Exploits0References5
OSV
OSV
added 2026/02/07 4:15 a.m.3 views

CVE-2026-2073

A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

9.8CVSS5.8AI score0.00323EPSS
Exploits1References5
NVD
NVD
added 2026/02/06 10:16 a.m.8 views

CVE-2026-2013

A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used...

9.8CVSS0.00416EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/06 10:2 a.m.6 views

EUVD-2026-5680

A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

7.5CVSS7.1AI score0.00416EPSS
Exploits1References5
CVE
CVE
added 2026/02/06 9:2 a.m.14 views

CVE-2026-2012

The CVE-2026-2012 vulnerability affects itsourcecode Student Management System 1.0. The flaw is a SQL injection caused by manipulation of the ID argument in /ramonsys/facultyloading/index.php, enabling remote exploitation. Public disclosures exist for the exploit. Remediation guidance across sour...

9.8CVSS7.2AI score0.00326EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/06 9:2 a.m.3 views

CVE-2026-2012 itsourcecode Student Management System index.php sql injection

A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /ramonsys/facultyloading/index.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly...

7.5CVSS5.5AI score0.00326EPSS
Exploits1References5
Rows per page
Query Builder