Lucene search
K

990 matches found

Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35167

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header mutation/header mutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patc...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.4 views

CVE-2026-6488

A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
CVE
CVE
added 2026/04/20 2:0 a.m.16 views

CVE-2026-6595

ProjectsAndPrograms School Management System, up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59, contains a vulnerability in buslocation.php (HTTP GET Parameter Handler). Manipulating the bus_id parameter causes an SQL injection, with remote attack possible and a publicly available exploit. The prod...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.6 views

PT-2026-33690

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument bus id leads to sql...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/19 12:0 a.m.6 views

PT-2026-37048

Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description A buffer overflow can be triggered remotely via the POST Parameter Handler component. The issue exists within the url rule asp function of the '/url rule.asp' endpoint. Recommendations At the momen...

10CVSS7.5AI score0.0586EPSS
Exploits1References16
EUVD
EUVD
added 2026/04/17 3:31 p.m.3 views

EUVD-2026-23425

A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
NVD
NVD
added 2026/04/08 11:17 p.m.3 views

CVE-2026-5811

A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function saveproduct of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performe...

5.5CVSS0.00246EPSS
Exploits0References5
NVD
NVD
added 2026/04/08 10:16 p.m.3 views

CVE-2026-5810

A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has...

5.1CVSS0.0024EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/08 10:15 p.m.2 views

CVE-2026-5811

A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function saveproduct of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performe...

5.5CVSS5.8AI score0.00246EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/08 10:15 p.m.3 views

CVE-2026-5811 SourceCodester Online Food Ordering System POST Parameter Actions.php save_product logic error

A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function saveproduct of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The attack may be performe...

5.5CVSS5.8AI score0.00246EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.5 views

CVE-2026-5681

A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument empid causes sql injection. The attack is possible to be carried out remotely. The explo...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:7 p.m.5 views

CVE-2026-5660

A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be initiated remotely. The...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:6 p.m.5 views

CVE-2026-5648

A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /userfinishregister.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS5.7AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:6 p.m.5 views

CVE-2026-5669

A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Parameter Handler. Such manipulation of the argument Password leads to sql injection. It is possibl...

7.5CVSS5.7AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 10:52 a.m.6 views

CVE-2026-5636

A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the argument oid causes sql injection. The attack may be initiated remotely. The exploit has been mad...

6.5CVSS5.7AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 10:52 a.m.6 views

CVE-2026-5634

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 10:51 a.m.6 views

CVE-2026-5645

A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 10:51 a.m.6 views

CVE-2026-5637

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.7 views

CVE-2026-5609

A flaw has been found in Tenda i12 1.0.0.113862. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wlradio causes stack-based buffer overflow. It is possible to initiate the...

9CVSS7.7AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.5 views

CVE-2026-5620

A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowedequipreport.php of the component Parameter Handler. The manipulation of the argument Home leads to sql injection. It is possible to initiate the attack remotely...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References1
Rows per page
Query Builder