Lucene search
K

14490 matches found

Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55790

Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description An issue exists in the /single-list rent.php file where manipulating the ID argument allows for remote SQL injection. SQL injection is a technique where malicious SQL statements are...

7.5CVSS7.2AI score0.00263EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-55822

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit room.php file where manipulating the ID argument allows for SQL injection, a technique used to interfere with the queries that an application...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-55798

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote cross-site scripting issue exists due to improper manipulation of the argument reference within the add definition function located in the...

5.1CVSS5.7AI score0.00203EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 4 days ago11 views

PT-2026-55795

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote code injection issue exists due to the improper handling of the mathematical sentence argument within the eval function located in the...

7.5CVSS7.3AI score0.00322EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-55820

Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description An issue exists in the /builderHome.php file where improper handling of the loc variable allows for remote SQL injection. SQL injection is a technique where an attacker inserts maliciou...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55797

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote SQL injection is possible due to improper manipulation of the field name argument within the Notes controller::search scratch data function locate...

6.5CVSS6.7AI score0.00204EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 4 days ago13 views

PT-2026-55750

Name of the Vulnerable Software and Affected Versions itsourcecode Online Hotel Management System version 1.0 Description A remote SQL injection is possible via the manipulation of the email argument within an unknown function of the '/admin/login.php' endpoint. SQL injection is a technique where...

7.5CVSS7.1AI score0.00281EPSS
Exploits0References8
NVD
NVD
added 5 days ago6 views

CVE-2026-14683

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results...

4.8CVSS0.00118EPSS
Exploits0References7
CVE
CVE
added 5 days ago21 views

CVE-2026-14683

CVE-2026-14683 affects HdrHistogram up to 2.2.2. The vulnerability is in org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer, where manipulating lengthOfCompressedContents can trigger uncontrolled memory allocation. Exploitation is local, and a public exploit exists. The issue was r...

4.8CVSS5.4AI score0.00118EPSS
Exploits0References7
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-14683

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results...

4.8CVSS5.4AI score0.00118EPSS
Exploits0
CVE
CVE
added 5 days ago16 views

CVE-2026-14655

CVE-2026-14655 affects code-projects Assessment Management 1.0. The vulnerability is in an unknown functionality of the file admin/view-users.php , where manipulating the argument User can lead to cross-site scripting (XSS) . The attack is described as possible to be performed from remote, with a...

4.8CVSS4.1AI score0.00347EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-14652 SourceCodester Simple and Nice Shopping Cart Script Admin Login login.php sql injection

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit ha...

7.5CVSS0.00412EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-41696

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit ha...

7.5CVSS6.8AI score0.00412EPSS
Exploits0References6
NVD
NVD
added 5 days ago8 views

CVE-2026-14640

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-14642 SourceCodester Class and Exam Timetabling System edit_class2.php sql injection

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /editclass2.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is...

7.5CVSS0.00412EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-41688

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References6
CVE
CVE
added 5 days ago11 views

CVE-2026-14640

CVE-2026-14640 describes a SQL injection in CodeAstro Apartment Visitor Management System 1.0. The vulnerability is in the Login component, specifically an unknown function in /index.php, where manipulating the Username argument can lead to remote exploitation. The exploit is publicly available a...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-41679

A vulnerability was determined in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 49b20f53de2b7ec34e920b11c863f1491d911a04. This affects an unknown part of the file /index.php/api/product/set of the component Hidden REST API Endpoint. This manipulation of the argument title/description causes...

5.3CVSS4.2AI score0.00288EPSS
Exploits0References7
NVD
NVD
added 5 days ago8 views

CVE-2026-14628

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS0.00551EPSS
Exploits1References5
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-41673

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS5.8AI score0.00551EPSS
Exploits1References5
Rows per page
Query Builder