Lucene search
K

978 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42500

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

6.3CVSS7.5AI score0.00157EPSS
Exploits0References3
CVE
CVE
added 6 days ago6 views

CVE-2026-39179

SOGo

6.3CVSS7.5AI score0.00157EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/05 1:0 p.m.29 views

CVE-2026-14750 mjperpinosa stumasy accessing_dictionary_authorization.php accessing_dictionary_authorization sql injection

A security flaw has been discovered in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The affected element is the function Notescontroller::accessingdictionaryauthorization of the file application/PHP/objects/notes/accessingdictionaryauthorization.php. The manipulation of the...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 1:0 p.m.9 views

CVE-2026-14750

The CVE-2026-14750 entry concerns mjperpinosa stumasy with a SQL injection in the function Notes_controller::accessing_dictionary_authorization (file application/PHP/objects/notes/accessing_dictionary_authorization.php). Manipulating the Password argument enables a remote attacker to leverage SQL...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55796

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote SQL injection occurs due to the improper handling of the Password argument within the Notes controller::accessing dictionary authorization functio...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References12
NVD
NVD
added 2026/06/09 7:17 p.m.13 views

CVE-2026-36794

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain multiple stack overflows in the R7WebsSecurityHandler function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP...

7.5CVSS0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.15 views

CVE-2026-11472

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Tenda W3 Wireless Router 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from multiple stack overflows in the username and password parameters within the...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 5:16 p.m.17 views

CVE-2026-11530

A vulnerability was identified in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation of the argument usr/pwd leads to sql injection. The attack can be executed remotely...

7.5CVSS0.00328EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 3:16 p.m.14 views

CVE-2026-36789

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS0.00529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 8:58 a.m.12 views

CVE-2026-11452

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN0042e200 of the file /cgi-bin/glc of the component SETUSERPWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8....

7.5CVSS6.8AI score0.01681EPSS
Exploits1References1
NVD
NVD
added 2026/06/08 1:16 a.m.15 views

CVE-2026-11472

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 12:30 a.m.14 views

EUVD-2026-35003

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7.1AI score0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 12:30 a.m.6 views

CVE-2026-11472

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00263EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/08 12:15 a.m.14 views

EUVD-2026-35002

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 12:15 a.m.9 views

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 12:15 a.m.8 views

CVE-2026-11471

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00263EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/08 12:15 a.m.33 views

CVE-2026-11471

Affected product: SourceCodester Class and Exam Timetabling System 1.0. Vulnerability: SQL injection via manipulation of the Password argument in an unknown function in /index2.php. Impact/scope: Remote exploit possible; exploit has been public. CVSS details in sources indicate network access wit...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47204

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00263EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/08 12:0 a.m.12 views

EUVD-2026-35076

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.5AI score0.00529EPSS
Exploits0References1
Rows per page
Query Builder