CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/24 10:16 p.m.•4 views

CVE-2026-4777

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

6.5CVSS0.00245EPSS

Exploits1References5

ATTACKERKB•added 2026/03/24 9:42 p.m.•2 views

CVE-2026-4777

Positive Technologies•added 2026/03/24 12:0 a.m.•3 views

PT-2026-27520

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file view supplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

Vulnrichment•added 2026/03/23 11:38 p.m.•2 views

Exploits1References7

CVE-2026-4614 itsourcecode sanitize or validate this input Parameter subjects.php sql injection

A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subjectcode causes sql injection. The attack is possible to be carri...

6.5CVSS6.3AI score0.00192EPSS

Cvelist•added 2026/03/23 11:4 p.m.•25 views

CVE-2026-4613 SourceCodester E-Commerce Site products.php sql injection

A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

7.5CVSS0.00259EPSS

Cvelist•added 2026/03/23 9:57 p.m.•33 views

CVE-2026-4612 itsourcecode Free Hotel Reservation System Parameter index.php sql injection

A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/modusers/index.php?view=edit&id=8 of the component Parameter Handler. The manipulation of the argument accountid leads to sql injection. Remote exploitation of t...

7.5CVSS0.00254EPSS

NVD•added 2026/03/23 9:17 p.m.•2 views

CVE-2026-4597

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS0.00192EPSS

Vulnrichment•added 2026/03/23 8:15 p.m.•2 views

CVE-2026-4597 648540858 wvp-GB28181-pro Stream Proxy Query StreamProxyProvider.java selectAll sql injection

6.5CVSS6.3AI score0.00192EPSS

ATTACKERKB•added 2026/03/23 9:33 a.m.•1 views

CVE-2026-4581

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checklogin.php of the component Parameters Handler. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The explo...

9.8CVSS6.9AI score0.00354EPSS

Exploits1References8Affected Software1

Cvelist•added 2026/03/23 8:48 a.m.•26 views

CVE-2026-4580 code-projects Simple Laundry System Parameters checkupdatestatus.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /checkupdatestatus.php of the component Parameters Handler. The manipulation of the argument serviceId results in sql injection. The attack can be executed remotely. The...

7.5CVSS0.00329EPSS

Exploits1References5

ATTACKERKB•added 2026/03/23 7:36 a.m.•2 views

CVE-2026-4579

A vulnerability was identified in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /viewdetail.php of the component Parameters Handler. The manipulation of the argument serviceId leads to sql injection. Remote exploitation of the attack is possible. The exploi...

7.5CVSS5.6AI score0.00428EPSS

NVD•added 2026/03/23 6:16 a.m.•7 views

CVE-2026-4573

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS0.00196EPSS

CVE•added 2026/03/23 4:18 a.m.•7 views

CVE-2026-4572

The CVE-2026-4572 entry identifies a vulnerability in SourceCodester Sales and Inventory System 1.0. The flaw affects the file /view_product.php, specifically the HTTP POST parameter searchtxt, where manipulation can lead to a SQL Injection. It is described as exploitable remotely and with a publ...

ATTACKERKB•added 2026/03/23 4:18 a.m.•3 views

CVE-2026-4572

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

CVE•added 2026/03/23 3:41 a.m.•6 views

CVE-2026-4571

CVE-2026-4571 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is in the HTTP POST handler for /view_payments.php, where manipulating the searchtxt parameter leads to SQL injection. The issue can be exploited remotely with a publicly released exploit (PoC). Impact details ...