EUVD-2026-10317

A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WFCCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...

CVE-2026-3813

A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WFCCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...

CVE-2026-3813 opencc JFlow WF_CCForm.java Calculate injection

A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WFCCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...

CVE-2026-3813

A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WFCCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...

CVE-2026-3813 opencc JFlow WF_CCForm.java Calculate injection

A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WFCCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...

CVE-2026-3813

opencc JFlow contains a vulnerability CVE-2026-3813 affecting the function Calculate in src/main/java/bp/wf/httphandler/WF_CCForm.java. The issue enables injection and can be triggered remotely; an exploit is publicly available. The project uses a rolling release model and does not disclose affec...

EUVD-2026-10299

A weakness has been identified in SourceCodester/janobe Resort Reservation System 1.0. This issue affects some unknown processing of the file /roomrates.php. This manipulation of the argument q causes sql injection. The attack can be initiated remotely. The exploit has been made available to the...

CVE-2026-3806

CVE-2026-3806 affects SourceCodester/janobe Resort Reservation System 1.0. The vulnerability is a SQL injection in an unknown handling of /room_rates.php triggered by the q parameter. Exploitation can be conducted remotely; the exploit has been publicly released and PoCs exist. No remediation det...

CVE-2026-3792

SourceCodester Sales and Inventory System 1.0 contains an SQL injection in purchase_invoice.php (GET parameter handler) via the purchaseid argument. The flaw is exploitable remotely and exploit code is public (PROOF-OF-CONCEPT). Affected component is the purchase_invoice.php file; root cause is u...

CVE-2026-3792

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...

CVE-2026-3791 SourceCodester Sales and Inventory System Search dashboard.php sql injection

A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...

CVE-2026-3790 SourceCodester Sales and Inventory System POST Parameter check_supplier_details.php sql injection

A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file checksupplierdetails.php of the component POST Parameter Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attac...

CVE-2026-3786

A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument order results in sql injection. The attack can be launched remotely. The exploit...

CVE-2026-3767 itsourcecode sanitize or validate this input teacher-attendance.php sql injection

A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of the file /admin/teacher-attendance.php. Executing a manipulation of the argument teacherid can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

CVE-2026-3765

A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /attsingleview.php. Such manipulation of the argument dt leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

EUVD-2026-10259

A vulnerability was identified in SourceCodester Sales and Inventory System up to 1.0. Affected is an unknown function of the file /checkitemdetails.php. The manipulation of the argument stockname1 leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...

CVE-2026-3758

A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown functionality of the file /admin/adminHome.php. This manipulation of the argument Info causes sql injection. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2026-3757

A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /?pass=1. The manipulation of the argument fnm results in sql injection. The attack may be launched remotely. The exploit has been released to t...

CVE-2026-3755 SourceCodester Sales and Inventory System POST check_customer_details.php sql injection

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /checkcustomerdetails.php of the component POST Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attack can be launched remotely...

CVE-2026-3753

A vulnerability has been found in SourceCodester Sales and Inventory System up to 1.0. The impacted element is an unknown function of the file /addsalesprint.php. Such manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...