Lucene search
K

993 matches found

NVD
NVD
added 2026/07/05 3:16 a.m.9 views

CVE-2026-14692

A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function saveshoptype of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection. The attack is possible to be...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 2:0 a.m.7 views

EUVD-2026-41715

A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function saveshoptype of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection. The attack is possible to be...

6.5CVSS5.8AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.15 views

PT-2026-55755

Name of the Vulnerable Software and Affected Versions SourceCodester Multi-Vendor Online Grocery Management System versions 1.0 through 5.7.26 Description Remote manipulation of the POST Parameter Handler component leads to SQL injection, a technique where malicious SQL statements are inserted in...

6.5CVSS6.6AI score0.002EPSS
Exploits0References9
NVD
NVD
added 2026/07/04 2:16 p.m.10 views

CVE-2026-14629

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...

5.3CVSS0.00309EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:15 p.m.8 views

CVE-2026-14629

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 1:15 p.m.8 views

EUVD-2026-41674

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 1:15 p.m.17 views

CVE-2026-14629

RT-Thread up to 5.2.2 contains a vulnerability in the Parameter Handler’s lwp_syscall.c, affecting the read/write/sys_ioctl functions. The root cause is a divide-by-zero condition, exploitable remotely. The exploit has been published, and a patch is pending acceptance via a pull request. No remed...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.14 views

PT-2026-55706

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.2.3 Description A flaw in the Parameter Handler component allows a remote attacker to cause a divide by zero error. This issue occurs within the read, write, and sys ioctl functions located in the components/lwp/l...

5.3CVSS6AI score0.00309EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/06/29 5:15 a.m.35 views

CVE-2026-13538 Wavlink WL-NU516U1-A POST Parameter wireless.cgi sub_401D68 command injection

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS0.01306EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/29 5:15 a.m.8 views

EUVD-2026-40036

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS6.4AI score0.01306EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:15 a.m.11 views

CVE-2026-13538

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS6.4AI score0.01306EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.15 views

CVE-2026-11488

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:30 a.m.7 views

CVE-2026-11488

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/08 4:30 a.m.41 views

CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS0.00275EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 4:30 a.m.9 views

CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.23 views

CVE-2026-5537

A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...

6.5CVSS6.3AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-5812

A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initia...

5.5CVSS5.6AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-6496

A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST Parameter Handler. The manipulation of the argument file results in path traversal. The attack may be performed from remote. The exploit has been...

5.5CVSS5.4AI score0.00455EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6595

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:31 a.m.13 views

EUVD-2026-33819

A weakness has been identified in code-projects Hotel and Tourism Reservation System 1.0. The affected element is an unknown function of the file tour.php of the component GET Parameter Handler. Executing a manipulation of the argument tour can lead to sql injection. The attack can be launched...

7.5CVSS5.7AI score0.00318EPSS
Exploits0References7
Rows per page
Query Builder