Lucene search
K

61287 matches found

Cvelist
Cvelist
added 10 hours ago7 views

CVE-2026-14797 CodeAstro Apartment Visitor Management System edit-apartment.php sql injection

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 10 hours ago3 views

CVE-2026-14797

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS6.6AI score
Exploits0References6Affected Software1
CVE
CVE
added 10 hours ago4 views

CVE-2026-14797

CodeAstro Apartment Visitor Management System 1.0 contains a SQL injection in /apartment-visitor/edit-apartment.php via manipulated editid. The vulnerability is remotely exploitable and affects unknown code paths in the file. Publicly disclosed exploits exist. The CVSS metrics indicate a network-...

6.5CVSS6.6AI score
Exploits0References6
EUVD
EUVD
added 10 hours ago7 views

EUVD-2026-41808

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS6.6AI score
Exploits0References6
EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-41806

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...

6.5CVSS5.8AI score
Exploits0References6
EUVD
EUVD
added 14 hours ago6 views

EUVD-2026-41794

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS5.6AI score
Exploits0References9
EUVD
EUVD
added 14 hours ago6 views

EUVD-2026-41789

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS5.9AI score
Exploits0References7
Cvelist
Cvelist
added yesterday10 views

CVE-2026-14778 SourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_enroll.php improper authorization

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajaxenroll.php of the component Enrollment Management. The manipulation of the argument studentid/scheduleid/action leads to improper...

7.5CVSS
Exploits0References6
EUVD
EUVD
added yesterday6 views

EUVD-2026-41774

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. This impacts an unknown function of the file /admin/addevent.php of the component Event Management Page. Such manipulation of the argument fdetails leads to sql injection. The attack can be launched remotely. The...

7.5CVSS5.8AI score
Exploits0References6
EUVD
EUVD
added yesterday8 views

EUVD-2026-41758

A security vulnerability has been detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This affects the function adddefinition of the file application/PHP/objects/notes/addintodictionary.php. Such manipulation of the argument reference leads to cross site scripting. It ...

5.1CVSS4.2AI score
Exploits0References6
Cvelist
Cvelist
added yesterday27 views

CVE-2026-14752 mjperpinosa stumasy add_into_dictionary.php add_definition cross site scripting

A security vulnerability has been detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This affects the function adddefinition of the file application/PHP/objects/notes/addintodictionary.php. Such manipulation of the argument reference leads to cross site scripting. It ...

5.1CVSS
Exploits0References6
EUVD
EUVD
added yesterday7 views

EUVD-2026-41747

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added yesterday7 views

CVE-2026-14742

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score
Exploits0References7Affected Software1
CVE
CVE
added yesterday9 views

CVE-2026-14716

CVE-2026-14716 affects nextlevelbuilder GoClaw up to version 3.13.0-beta.2. The vulnerability is in MethodRouter.Handle (internal/gateway/router.go) of the WebSocket RPC Handler, where an input manipulation can bypass authorization. It is a remote-risk scenario with a publicly disclosed exploit. ...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References6
EUVD
EUVD
added yesterday8 views

EUVD-2026-41722

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and...

6.5CVSS5.8AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added yesterday9 views

EUVD-2026-41719

A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14694

A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancelorder of the file classes/Master.php of the component POST Parameter Handler. The manipulation of the argument ID leads to sql injection. It is possible...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-14687

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS5.8AI score0.00332EPSS
Exploits0References7Affected Software1
CVE
CVE
added yesterday6 views

CVE-2026-14687

Affected software: 666ghj BettaFish (≤1.2.1). Vulnerable component: InsightEngine search-result Deduplication, specifically function _deduplicate_results in InsightEngine/agent.py. Root cause: manipulation can cause partial string comparison. Impact: remote exploitation possible. Publicly disclos...

6.9CVSS5.8AI score0.00332EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-55791

Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description A remote SQL injection exists in the /addprojectrent.php file. The issue occurs when the amen variable is manipulated, allowing an attacker to execute arbitrary SQL commands on the...

7.5CVSS7.4AI score
Exploits0References9
Rows per page
Query Builder