Lucene search
K

659 matches found

Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.1 views

CVE-2026-26892

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

5.8AI score0.00268EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/03 12:0 a.m.5 views

EUVD-2026-9309

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

6AI score0.00268EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.2 views

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

2.7CVSS6AI score0.003EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/03 12:0 a.m.19 views

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

0.003EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.2 views

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

6AI score0.003EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.6 views

SourceCodester Logistic Hub Parcel Management System 安全漏洞

SourceCodester Logistic Hub Parcel Management System is a simple web-based open-source application project developed by SourceCodester. Its main purpose is to provide a automated platform for logistics centers to manage and track parcel records. Version 1.0 of the SourceCodester Logistic Hub Parc...

2.7CVSS5.9AI score0.003EPSS
Exploits1References1
CVE
CVE
added 2026/03/03 12:0 a.m.13 views

CVE-2026-26892

CVE-2026-26892 affects Sourcecodester Logistics Hub Parcel’s Management System v1.0, with SQL Injection in /manage_carrier.php. Documents confirm a network-accessible vulnerability impacting confidentiality, integrity, and availability (CVSSv3.1: C/H, I/H, A/H; AV:N/AC:L/PR:H/UI:N/S:U). No remedi...

7.2CVSS6AI score0.00268EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.9 views

PT-2026-22788

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage parcel type.php...

6AI score0.003EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/03 12:0 a.m.3 views

EUVD-2026-9308

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

2.7CVSS6AI score0.003EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.4 views

SourceCodester Logistic Hub Parcel Management System 安全漏洞

SourceCodester Logistic Hub Parcel Management System is a simple web-based open-source application project developed by SourceCodester. Its main purpose is to provide a automated platform for logistics centers to manage and track package records. Version 1.0 of the SourceCodester Logistic Hub...

7.2CVSS5.9AI score0.00268EPSS
Exploits1References1
CVE
CVE
added 2026/03/03 12:0 a.m.11 views

CVE-2026-26891

CVE-2026-26891 affects Sourcecodester Logistic Hub Parcel's Management System v1.0 and is caused by a SQL Injection vulnerability in the endpoint /manage_parcel_type.php. The connected records consistently describe the same issue across multiple feeds (NVD, Red Hat, CVE List, EUVD, etc.). The vul...

2.7CVSS6AI score0.003EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/02 6:42 p.m.27 views

CVE-2026-0007

In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00094EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 6:42 p.m.17 views

CVE-2026-0007

Consolidated sources describe CVE-2026-0007 as a vulnerability in WindowInfo.cpp, writeToParcel, enabling a tapjacking/overlay attack that could grant permissions and allow local elevation of privilege without additional execution privileges. Exploitation details are not provided in the Initial d...

8.6CVSS6.1AI score0.00094EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/01 12:0 a.m.5 views

ASB-A-433251166

Bulletin has no description...

5.7AI score
Exploits0
OSV
OSV
added 2026/01/29 3:0 p.m.6 views

GHSA-83FC-FQCC-2HMG React Server Components have multiple Denial of Service Vulnerabilities

Impact It was found that the fixes to address DoS in React Server Components were incomplete and we found multiple denial of service vulnerabilities still exist in React Server Components. We recommend updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1, 19.0.2, 19.0.3,...

7.5CVSS6AI score0.02329EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/29 3:0 p.m.9 views

EUVD-2026-4673

React Server Components have multiple Denial of Service Vulnerabilities...

7.5CVSS5.9AI score0.02329EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/01/29 3:0 p.m.19 views

React Server Components have multiple Denial of Service Vulnerabilities

Impact It was found that the fixes to address DoS in React Server Components were incomplete and we found multiple denial of service vulnerabilities still exist in React Server Components. We recommend updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1, 19.0.2, 19.0.3,...

7.5CVSS5.9AI score0.02329EPSS
Exploits0References5Affected Software3
F5 Networks
F5 Networks
added 2026/01/27 2:9 a.m.16 views

K000159700: React framework vulnerability CVE-2026-23864

Security Advisory Description Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests ...

7.5CVSS5.9AI score0.02329EPSS
Exploits0
Snyk
Snyk
added 2026/01/26 7:49 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview react-server-dom-parcel is a React Server Components bindings for DOM using Parcel. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

8.7CVSS5.9AI score0.65592EPSS
Exploits10References2
CVE
CVE
added 2026/01/26 7:16 p.m.77 views

CVE-2026-23864

CVE-2026-23864 affects React Server Components packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The connected advisories describe a denial-of-service condition triggered by specially crafted HTTP requests to Server Function endpoints, potentially causin...

7.5CVSS6AI score0.02329EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder