CVE-2026-1423 code-projects Online Examination System admin_pic.php unrestricted upload
A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /adminpic.php. Executing a manipulation can lead to unrestricted upload. The attack may be performed remotely. The exploit has been publicly disclosed...
CVE-2026-1421
A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross-site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used...
CVE-2026-1421
CVE-2026-1421 affects code-projects Online Examination System 1.0, specifically the Add Pages component. The vulnerability is a cross-site scripting flaw that can be triggered remotely via the affected function, with exploitation publicly disclosed. Multiple connected sources corroborate the issu...
CVE-2026-1421 code-projects Online Examination System Add Pages cross-site scripting
A vulnerability has been found in code-projects Online Examination System 1.0. Affected is an unknown function of the component Add Pages. Such manipulation leads to cross-site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used...
PT-2026-4815
A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes SQL injection. The attack can be initiated remotely. The exploit has been published an...
PT-2026-4727
Name of the Vulnerable Software and Affected Versions: code-projects Online Examination System version 1.0. Description: A flaw exists in the Online Examination System that allows for remote SQL injection. This occurs through manipulation of the User argument within the /index.php file, specifically...
PT-2026-4724
Name of the Vulnerable Software and Affected Versions: code-projects Online Examination System version 1.0. Description: A flaw exists in the Add Pages component of the software, allowing for cross-site scripting. This manipulation can be executed remotely. The exploit details have been publicly...
Authorization Bypass Through User-Controlled Key
Overview: Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via improper validation of project ownership during organization project operations. An attacker can modify projects belonging to a different organization by leveraging project write acce...
EUVD-2026-4266
Gitea does not properly validate project ownership in organization project operations...
CVE-2026-20750
Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization...
CVE-2026-20750 Gitea Organization Projects Cross-Organization Authorization Bypass via Project ID (IDOR)
Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization...
CVE-2026-20750
Gitea (code.gitea.io/gitea) has CVE-2026-20750: a cross-organization authorization bypass where a user with project write access in one organization can modify projects in another due to improper validation of project ownership in organization project operations. Reported across multiple feeds; C...
Gitea security vulnerabilities
Gitea is a lightweight Git service developed in the Go language by the Gitea community. Gitea has a security vulnerability that stems from improper verification of project ownership during organizational project operations. This vulnerability could allow a user with write access to an organization...
Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info
As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches...
shynabot (=0.0.1), shynataskmanager (=0.0.1) potentially affected by CVE-2026-23842 via chatterbot (=1.0.4)
chatterbot PyPI version =1.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on chatterbot and may be impacted: shynabot =0.0.1, shynataskmanager =0.0.1. Source CVEs: CVE-2026-23842. Source advisory: SNYK:PYTHON-CHATTERBOT-15038747...