CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 4 days ago•7 views

PT-2026-45170

A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign auth cookie of the file application/controllers/Login.php of the component MY Controller. Executing a manipulation of the...

7.5CVSS6.8AI score0.00061EPSS

Vulnrichment•added 2026/05/21 5:11 p.m.•5 views

CVE-2026-48248 Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verification in incs/login.inc.php

Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/login.inc.php by setting CURLOPTSSLVERIFYPEER to false and not setting CURLOPTSSLVERIFYHOST when issuing outbound HTTPS requests issued during the login/authentication flow. An attacker positioned on the network path...

8.2CVSS5.9AI score0.00033EPSS

Exploits0References3

Cvelist•added 2026/05/08 3:15 a.m.•25 views

CVE-2026-8132 CodeAstro Leave Management System login.php sql injection

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS0.00039EPSS

Cvelist•added 2026/05/01 5:45 a.m.•26 views

CVE-2026-7555 itsourcecode Electronic Judging System login.php sql injection

A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

7.5CVSS0.00043EPSS

Vulnrichment•added 2026/05/01 5:45 a.m.•0 views

CVE-2026-7555 itsourcecode Electronic Judging System login.php sql injection

7.5CVSS7AI score0.00043EPSS

CNNVD•added 2026/04/28 12:0 a.m.•4 views

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability. This vulnerability stems from the e-mail parameter in the Login function of the...

7.5CVSS7.2AI score0.00043EPSS

Vulnrichment•added 2026/04/27 12:45 a.m.•0 views

CVE-2026-7072 CodePanda Source canteen_management_system login.php sql injection

A vulnerability was detected in CodePanda Source canteenmanagementsystem 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may...

7.5CVSS7.3AI score0.0004EPSS

Exploits0References4

CNNVD•added 2026/04/13 12:0 a.m.•2 views

Code-Projects Simple Content Management System SQL注入漏洞

Code-Projects Simple Content Management System is an open-source simple content management system developed by Code-Projects. Version 1.0 of Code-Projects Simple Content Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the User parameter in...

7.5CVSS7.2AI score0.00043EPSS

RedhatCVE•added 2026/04/07 5:6 p.m.•2 views

CVE-2026-5669

A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Parameter Handler. Such manipulation of the argument Password leads to sql injection. It is possibl...

7.5CVSS5.7AI score0.00043EPSS

RedhatCVE•added 2026/04/07 10:52 a.m.•1 views

CVE-2026-5646

A security vulnerability has been detected in code-projects Easy Blog Site 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclos...

7.5CVSS5.8AI score0.00014EPSS

Vulnrichment•added 2026/04/06 4:30 p.m.•1 views

CVE-2026-5669 Cyber-III Student-Management-System Parameter login.php sql injection

7.5CVSS6.8AI score0.00043EPSS

EUVD•added 2026/04/06 12:32 p.m.•1 views

EUVD-2026-19223

7.5CVSS6.9AI score0.00014EPSS

RedhatCVE•added 2026/04/06 10:57 a.m.•1 views

CVE-2026-5551

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS6.9AI score0.00043EPSS

Positive Technologies•added 2026/04/06 12:0 a.m.•1 views

PT-2026-30596

Name of the Vulnerable Software and Affected Versions Easy Blog Site version 1.0 Description A security issue exists in Easy Blog Site 1.0 related to the login functionality within the login.php file. Manipulation of the username and password arguments can lead to SQL injection. The attack can be...

7.5CVSS7.4AI score0.00014EPSS

Exploits0References12

EUVD•added 2026/04/05 9:30 a.m.•0 views

EUVD-2026-19050

7.5CVSS5.8AI score0.00043EPSS

Cvelist•added 2026/04/05 9:15 a.m.•26 views

CVE-2026-5555 code-projects Concert Ticket Reservation System Parameter login.php sql injection

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS0.00043EPSS

Cvelist•added 2026/04/05 8:15 a.m.•24 views

CVE-2026-5551 itsourcecode Free Hotel Reservation System Parameter login.php sql injection

7.5CVSS0.00043EPSS