Lucene search
K

846 matches found

Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.11 views

PT-2026-6715

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A security flaw exists in itsourcecode Student Management System 1.0. The issue involves a SQL injection affecting an unknown function within the file /ramonsys/billing/index.php...

9.8CVSS5.5AI score0.00416EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.8 views

PT-2026-5424

Name of the Vulnerable Software and Affected Versions itsourcecode Directory Management System version 1.0 Description A security issue exists in itsourcecode Directory Management System. The issue involves SQL injection, triggered by manipulating the Username argument. This can be initiated...

9.8CVSS7.1AI score0.00326EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/01/29 2:2 p.m.5 views

CVE-2026-1589 itsourcecode School Management System index.php sql injection

A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/inquiry/index.php. This manipulation of the argument txtsearch causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed an...

7.5CVSS5.8AI score0.00379EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/29 12:31 a.m.7 views

EUVD-2026-4853

A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...

7.5CVSS5.8AI score0.00393EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.6 views

PT-2026-5281

berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src record' parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through a crafted POST request to the index.php endpoint to potentially extract or modify database information...

8.2CVSS6AI score0.00278EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/01/29 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the indexen.php from parameter...

6.1CVSS5.8AI score0.02102EPSS
In wildExploits0References2
OSV
OSV
added 2026/01/28 10:15 p.m.2 views

CVE-2026-1545

A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...

9.8CVSS5.7AI score0.00393EPSS
Exploits1References5
NVD
NVD
added 2026/01/28 10:15 p.m.4 views

CVE-2026-1545

A weakness has been identified in itsourcecode School Management System 1.0. The affected element is an unknown function of the file /course/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...

9.8CVSS0.00393EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/27 9:24 a.m.11 views

CVE-2026-1422

A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...

9.8CVSS6.8AI score0.00483EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/26 6:2 a.m.5 views

EUVD-2026-4702

A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...

7.5CVSS5.6AI score0.00483EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/26 6:2 a.m.9 views

CVE-2026-1422 code-projects Online Examination System Login Page index.php sql injection

A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...

7.5CVSS5.6AI score0.00483EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.4 views

Code-Projects Online Examination System SQL Injection Vulnerability

Code-Projects Online Examination System is an open-source online examination system developed by Code-Projects. Version 1.0 of the Code-Projects Online Examination System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the User parameter in the...

9.8CVSS7.2AI score0.00483EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.7 views

PT-2026-4727

Name of the Vulnerable Software and Affected Versions code-projects Online Examination System version 1.0 Description A flaw exists in the Online Examination System that allows for remote SQL injection. This occurs through manipulation of the User argument within the /index.php file, specifically...

9.8CVSS7.1AI score0.00483EPSS
Exploits1References12
Cvelist
Cvelist
added 2026/01/21 5:27 p.m.20 views

CVE-2021-47871 Hestia Control Panel 1.3.2 - Arbitrary File Write

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...

8.8CVSS0.00421EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/21 5:27 p.m.7 views

EUVD-2026-3620

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific file paths on the...

8.8CVSS5.8AI score0.00421EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.7 views

Hestia Control Panel security vulnerabilities

Hestia Control Panel is an open-source host control panel developed by Hestia. Version 1.3.2 of Hestia Control Panel contains a security vulnerability. This vulnerability stems from arbitrary file writing in the API index.php endpoint, which could allow authenticated attackers to write files...

8.8CVSS5.9AI score0.00421EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/20 4:21 p.m.6 views

CVE-2026-1160

A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.4AI score0.00326EPSS
Exploits1References1
OSV
OSV
added 2026/01/19 9:15 p.m.4 views

CVE-2026-1176

A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...

9.8CVSS5.8AI score0.00333EPSS
Exploits1References5
NVD
NVD
added 2026/01/19 9:15 p.m.3 views

CVE-2026-1176

A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...

9.8CVSS0.00333EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/19 9:2 p.m.5 views

EUVD-2026-3195

A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...

7.5CVSS5.5AI score0.00333EPSS
Exploits1References7
Rows per page
Query Builder