Lucene search
K

350 matches found

Vulnrichment
Vulnrichment
added 2026/04/06 4:30 p.m.3 views

CVE-2026-5669 Cyber-III Student-Management-System Parameter login.php sql injection

A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Parameter Handler. Such manipulation of the argument Password leads to sql injection. It is possibl...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/06 12:32 p.m.4 views

EUVD-2026-19223

A security vulnerability has been detected in code-projects Easy Blog Site 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...

7.5CVSS6.9AI score0.00325EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.5 views

CVE-2026-5551

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-30596

Name of the Vulnerable Software and Affected Versions Easy Blog Site version 1.0 Description A security issue exists in Easy Blog Site 1.0 related to the login functionality within the login.php file. Manipulation of the username and password arguments can lead to SQL injection. The attack can be...

7.5CVSS7.4AI score0.00325EPSS
Exploits0References12
EUVD
EUVD
added 2026/04/05 9:30 a.m.3 views

EUVD-2026-19050

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/05 9:15 a.m.31 views

CVE-2026-5555 code-projects Concert Ticket Reservation System Parameter login.php sql injection

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS0.00259EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/05 8:15 a.m.29 views

CVE-2026-5551 itsourcecode Free Hotel Reservation System Parameter login.php sql injection

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30425

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/01 3:31 a.m.9 views

EUVD-2026-17747

A vulnerability has been found in gougucms 4.08.18. This affects the function regsubmit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such manipulation of the argument level leads to dynamically-determined object attributes. The attack may b...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/01 12:45 a.m.36 views

CVE-2026-5248 gougucms User Registration Login.php reg_submit dynamically-determined object attributes

A vulnerability has been found in gougucms 4.08.18. This affects the function regsubmit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such manipulation of the argument level leads to dynamically-determined object attributes. The attack may b...

6.5CVSS0.00237EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/01 12:45 a.m.3 views

CVE-2026-5248 gougucms User Registration Login.php reg_submit dynamically-determined object attributes

A vulnerability has been found in gougucms 4.08.18. This affects the function regsubmit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such manipulation of the argument level leads to dynamically-determined object attributes. The attack may b...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/22 12:0 a.m.7 views

Projectworlds Online Notes Sharing System 安全漏洞

Projectworlds Online Notes Sharing System is an online note-sharing system developed under the open-source Projectworlds framework. Version 1.0 of the Projectworlds Online Notes Sharing System contains a security vulnerability, which stems from incorrect handling of the User parameter in the...

7.5CVSS7.2AI score0.00359EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.11 views

Jettweb PHP Hazir Haber Sitesi Scripti SQL注入漏洞

Jettweb PHP Ready-made News Sites Script is a content management system provided by the Turkish company Jettweb. The Jettweb PHP Ready-made News Sites Script V3 version has a SQL injection vulnerability. This vulnerability stems from an authentication bypass in the login.php administration panel,...

9.8CVSS5.9AI score0.01089EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/08 3:32 p.m.3 views

CVE-2026-3746

A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may...

7.5CVSS5.7AI score0.00379EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/03/08 3:32 p.m.36 views

CVE-2026-3746 SourceCodester Simple Responsive Tourism Website Login Login.php sql injection

A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may...

7.5CVSS0.00379EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/08 6:31 a.m.4 views

EUVD-2026-10211

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exploit has been published and may be used. Upgrading...

10CVSS5.5AI score0.00817EPSS
Exploits1References7
EUVD
EUVD
added 2026/03/08 6:31 a.m.7 views

EUVD-2026-10215

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.8AI score0.0037EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/03/08 5:2 a.m.4 views

CVE-2026-3708

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.9AI score0.0037EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2026/03/08 5:2 a.m.30 views

CVE-2026-3708 code-projects Simple Flight Ticket Booking System login.php sql injection

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS0.0037EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/08 12:0 a.m.8 views

PT-2026-23952

Name of the Vulnerable Software and Affected Versions SourceCodester Simple Responsive Tourism Website version 1.0 Description A SQL injection issue exists in the Login component of the software, specifically within the /tourism/classes/Login.php?f=login file. The Username argument is susceptible...

9.8CVSS7AI score0.00379EPSS
Exploits1References15
Rows per page
Query Builder