Lucene search
+L

259 matches found

osv
osv
added 2026/02/08 7:16 p.m.5 views

CVE-2026-2177

A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

7.3CVSS5.3AI score0.00309EPSS
Exploits1References5
cve
cve
added 2026/02/08 7:2 p.m.18 views

CVE-2026-2177

CVE-2026-2177 affects SourceCodester Prison Management System 1.0, with a vulnerability in the Login component where manipulating an unknown function leads to session fixation. Exploitation is possible remotely, the exploit has been publicly disclosed, and exploitation maturity is listed as PROOF...

7.5CVSS6.8AI score0.00309EPSS
Exploits1References5Affected Software1
osv
osv
added 2026/02/08 5:15 p.m.7 views

CVE-2026-2166

A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to sql injection. The attack is possible to be carried...

9.8CVSS5.6AI score0.00416EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/02/08 12:0 a.m.13 views

PT-2026-7009

Name of the Vulnerable Software and Affected Versions SourceCodester Prison Management System version 1.0 Description A session fixation issue exists in the Login component of the software. The issue is triggered through manipulation of an unknown function within the Login component and can be...

7.5CVSS5.2AI score0.00309EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2026/02/08 12:0 a.m.18 views

PT-2026-7003

Name of the Vulnerable Software and Affected Versions code-projects Online Student Management System version 1.0 Description A flaw exists in the Login component of the Online Student Management System. Specifically, a SQL injection issue is present in the accounts.php file due to manipulation of...

9.8CVSS5.4AI score0.00391EPSS
Exploits0References12
nvd
nvd
added 2026/01/30 3:16 p.m.13 views

CVE-2026-1685

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high...

6.3CVSS0.00987EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/01/30 2:32 p.m.9 views

CVE-2026-1685

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high...

6.3CVSS5.5AI score0.00987EPSS
Exploits0References5Affected Software1
cnnvd
cnnvd
added 2026/01/30 12:0 a.m.12 views

D-Link DIR-823X security vulnerabilities

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a security vulnerability. This vulnerability stems from an improper limitation on authentication attempts in the sub40AC74 function of the Login component, which may lead to brute-force...

6.3CVSS5.8AI score0.00987EPSS
Exploits0References6
nvd
nvd
added 2026/01/05 10:15 a.m.13 views

CVE-2026-0583

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vulnerability affects unknown code of the file app/user/login.php of the component User Login. The manipulation of the argument emailadd results in sql injection. The attack may be launched remotely...

9.8CVSS0.00371EPSS
Exploits1References6
osv
osv
added 2026/01/05 10:15 a.m.8 views

CVE-2026-0583

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vulnerability affects unknown code of the file app/user/login.php of the component User Login. The manipulation of the argument emailadd results in sql injection. The attack may be launched remotely...

9.8CVSS5.7AI score0.00371EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/01/05 12:0 a.m.11 views

PT-2026-1238

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A security flaw exists in code-projects Online Product Reservation System version 1.0. The issue is located in the file app/user/login.php within the User Login component...

9.8CVSS6.9AI score0.00371EPSS
Exploits1References11
osv
osv
added 2025/12/11 8:15 p.m.4 views

CVE-2025-14536

A security flaw has been discovered in code-projects Class and Exam Timetable Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument username/password results in sql injection. The attack may be...

9.8CVSS5.7AI score0.00568EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2025/12/11 12:0 a.m.5 views

PT-2025-50721

A security flaw has been discovered in code-projects Class and Exam Timetable Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument username/password results in sql injection. The attack may be...

7.5CVSS7.1AI score0.00568EPSS
Exploits1References8
cnnvd
cnnvd
added 2025/12/11 12:0 a.m.6 views

Code-Projects Class and Exam Timetable Management 安全漏洞

Class and Exam Timetable Management is a course and exam timetable management system. Class and Exam Timetable Management suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameters username/password in the file...

9.8CVSS7.9AI score0.00568EPSS
Exploits1References7
vulnrichment
vulnrichment
added 2025/12/10 12:0 a.m.2 views

CVE-2025-56429

Cross Site Scripting vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to obtain sensitive information via the login.php component...

5.7AI score0.00223EPSS
Exploits1References1
cve
cve
added 2025/12/10 12:0 a.m.21 views

CVE-2025-56429

FearlessCMS v0.0.2-15 is affected by a Cross Site Scripting (XSS) vulnerability in the login.php component that could allow a remote attacker to obtain sensitive information. The issue is documented across multiple sources (NVD/Red Hat/EUVD/OSV/CNNVD) with the same description. No explicit exploi...

6.1CVSS5.7AI score0.00223EPSS
Exploits1References1Affected Software1
ptsecurity
ptsecurity
added 2025/12/10 12:0 a.m.6 views

PT-2025-50485

Name of the Vulnerable Software and Affected Versions FearlessCMS version 0.0.2-15 Description A Cross Site Scripting issue exists in FearlessCMS. This allows a remote attacker to potentially obtain sensitive information through the login.php component. The login.php component is the point of...

5.9AI score0.00223EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/12/02 12:19 a.m.12 views

CVE-2025-63534

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and...

8.5CVSS5.8AI score0.00186EPSS
Exploits0References1
nvd
nvd
added 2025/12/01 4:15 p.m.5 views

CVE-2025-63534

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and...

8.5CVSS0.00186EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/12/01 12:0 a.m.5 views

PT-2025-48460

Name of the Vulnerable Software and Affected Versions Blood Bank Management System version 1.0 Description A SQL injection issue exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application does not properly sanitize user-supplied input used in SQL querie...

10CVSS7.9AI score0.00587EPSS
Exploits1References8
Rows per page
Query Builder