CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added yesterday•2 views

CVE-2026-10559

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS6.2AI score0.00046EPSS

RedhatCVE•added yesterday•3 views

CVE-2026-7462

The VatanSMS WP SMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 1.01. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS5.7AI score0.00095EPSS

RedhatCVE•added yesterday•4 views

CVE-2026-6864

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.7AI score0.00031EPSS

RedhatCVE•added yesterday•4 views

CVE-2026-6808

The Pricing Tables for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS5.7AI score0.00021EPSS

Positive Technologies•added yesterday•7 views

PT-2026-47055

Name of the Vulnerable Software and Affected Versions Tenda FH451 version 1.0.0.9 Description A stack overflow exists in the fromDhcpListClient function. This occurs when processing the page parameter via a crafted HTTP request, which can lead to a Denial of Service DoS, a condition where the...

5.5AI score

NVD•added 3 days ago•8 views

CVE-2026-10694

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used...

7.5CVSS0.00046EPSS

ATTACKERKB•added 3 days ago•5 views

CVE-2026-10694

7.5CVSS6.9AI score0.00046EPSS

Exploits0References6Affected Software1

NVD•added 4 days ago•5 views

CVE-2026-10559

6.5CVSS0.00046EPSS

Cvelist•added 4 days ago•33 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS0.00046EPSS

Vulnrichment•added 4 days ago•6 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS6.3AI score0.00046EPSS

Cvelist•added 4 days ago•33 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS0.00046EPSS

Vulnrichment•added 4 days ago•7 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS6.4AI score0.00046EPSS

CVE•added 4 days ago•11 views

CVE-2026-10558

SourceCodester Pizzafy Ecommerce System 1.0 has a remote file inclusion in /admin/index.php caused by manipulating the page parameter. The vulnerability affects an unknown function and can be exploited remotely; the exploit is publicly available. CVSS metrics in the sources show MEDIUM severity (...

6.5CVSS6.4AI score0.00046EPSS

NVD•added 4 days ago•8 views

CVE-2026-10301

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.3CVSS0.00036EPSS

Positive Technologies•added 4 days ago•8 views

PT-2026-45680

6.5CVSS6.3AI score0.00046EPSS

Exploits0References7

CNNVD•added 6 days ago•7 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from an operation on the currentpage parameter in the formSysLog function located in the file/goform/formSysLog,...

9CVSS7.7AI score0.00041EPSS

Exploits0References4

NVD•added 2026/05/24 3:16 p.m.•10 views

CVE-2026-9389

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used...

9CVSS0.00048EPSS

CNNVD•added 2026/05/24 12:0 a.m.•7 views

Tenda F456 安全漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a security vulnerability. This vulnerability stems from improper handling of the parameter “page” in the function frmL7ImForm located in the file/goform/L7Im. It may lead to a...

9CVSS7.5AI score0.00048EPSS

NVD•added 2026/05/22 5:16 a.m.•7 views

CVE-2026-6864

6.1CVSS0.00031EPSS