Lucene search
K

6395 matches found

Vulnrichment
Vulnrichment
added 2026/06/08 10:45 a.m.9 views

CVE-2026-11507 CodeAstro Leave Management System delete_leave_type.php sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

6.5CVSS6.4AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 10:45 a.m.12 views

EUVD-2026-35043

A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/deleteleavetype.php. The manipulation of the argument leavetype results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

6.5CVSS6.4AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 9:45 a.m.11 views

EUVD-2026-35038

A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function formfastsettingwifiset of the file /goform/fastsettingwifiset of the component Wi-Fi Configuration Endpoint. Such manipulation of the argument ssid leads to stack-based buffer overflow. The...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 9:16 a.m.15 views

CVE-2026-11497

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has bee...

8.8CVSS0.00432EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 7:0 a.m.15 views

EUVD-2026-35029

A vulnerability was determined in Tenda HG7HG9 and HG10 300001138enxpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overflow. The attack may be performed from remote...

10CVSS8.5AI score0.06561EPSS
Exploits3References6
CVE
CVE
added 2026/06/08 6:30 a.m.50 views

CVE-2026-11497

CVE-2026-11497 affects the D-Link DCS-5615 (firmware 1.01.00). The vulnerability targets an unknown functionality in the Boa Webserver component, specifically the file /etc/conf.d/boa/boa.conf, and can lead to a least privilege violation . The attack is described as remote and the exploit has bee...

8.8CVSS5.5AI score0.00432EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/08 6:0 a.m.54 views

CVE-2026-11494 TOTOLINK AC1200 T8 vsftpd vsftpd.conf least privilege violation

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...

5.3CVSS0.00215EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 2:30 a.m.13 views

CVE-2026-11480

A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. Impacted is an unknown function of the file beike/Admin/Routes/admin.php of the component Admin Design Builder Endpoint. Performing a manipulation of the argument settings.value results in sql injection. I...

6.5CVSS6.3AI score0.002EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47204

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00263EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47239

A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The manipulation results in op...

5.3CVSS5.1AI score0.00303EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47309

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

9CVSS6.2AI score0.00466EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.15 views

Student-Management-System 访问控制错误漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from improper handling of the parameter “stimg” in the file service/RegisterService.php on the registration endpoin...

7.5CVSS7.2AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47307

A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The...

9CVSS8.5AI score0.00466EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

TOTOLINK CP450 安全漏洞

TOTOLINK CP450 is an outdoor wireless customer terminal device developed by TOTOLINK Corporation. It is primarily used to provide wireless broadband access services, especially suitable for wireless network coverage in rural or remote areas. The TOTOLINK CP450 version 4.1.0cu.747 contains a...

5.3CVSS5AI score0.00206EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from the handling of parameters fullname and username in the users.php componen...

5.3CVSS4.6AI score0.00388EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

UTT HiPER 2610G 缓冲区错误漏洞

UTT HiPER 2610G is a high-end router designed for small and medium-sized enterprise networks by UTT Corporation. Versions of UTT HiPER 2610G 3.0.0-171107 and earlier contain a buffer overflow vulnerability. This vulnerability stems from the strcopy function in the...

9CVSS8.6AI score0.006EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47310

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub 45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

9CVSS6.1AI score0.00466EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Student-Management-System 安全漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from improper handling of the parameter isadmin in the edit-admin function of the controllers/AdminController.php...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.21 views

PT-2026-47244

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An SQL injection issue exists that can be initiated remotely. The flaw is located in an unknown function within the '/archive5.php' endpoint, where manipulation of the sy...

7.5CVSS7.5AI score0.0029EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2 : libssh2, --advisory ALAS2-2026-3329 (ALAS-2026-3329)

The version of libssh2 installed on the remote host is prior to 1.4.3-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3329 advisory. A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the...

9.1CVSS7.3AI score0.00466EPSS
Exploits0References4
Rows per page
Query Builder