CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/02/08 7:16 p.m.•7 views

CVE-2026-2173

A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely...

9.8CVSS0.00312EPSS

NVD•added 2026/02/08 7:16 p.m.•5 views

CVE-2026-2174

A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The manipulation of the argument ID results in improper authentication. The attack may be launched remotely...

9.8CVSS0.00563EPSS

EUVD•added 2026/02/08 7:2 p.m.•5 views

EUVD-2026-5774

A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem0 leads to sql injection. The attack can be executed remotely...

8.8CVSS5.4AI score0.00243EPSS

ATTACKERKB•added 2026/02/08 6:32 p.m.•4 views

CVE-2026-2174

7.5CVSS7AI score0.00563EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/02/08 6:32 p.m.•34 views

CVE-2026-2174 code-projects Contact Management System CRUD Endpoint improper authentication

7.5CVSS0.00563EPSS

CVE•added 2026/02/08 6:32 p.m.•19 views

CVE-2026-2174

CVE-2026-2174 affects code-projects Contact Management System 1.0. The vulnerability is in an unknown part of the component CRUD Endpoint where manipulation of the argument ID leads to improper authentication, enabling a remote attack. Connected sources (Red Hat, NVD, OSV, CVE listings, Attackers...

9.8CVSS7AI score0.00563EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/02/08 6:32 p.m.•2 views

CVE-2026-2174 code-projects Contact Management System CRUD Endpoint improper authentication

7.5CVSS5.2AI score0.00563EPSS

EUVD•added 2026/02/08 6:32 p.m.•4 views

EUVD-2026-5776

9.8CVSS5.1AI score0.00563EPSS

Vulnrichment•added 2026/02/08 5:32 p.m.•4 views

CVE-2026-2169 D-Link DWR-M921 formLtefotaUpgradeFibocom command injection

A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

6.5CVSS5.5AI score0.02607EPSS

ATTACKERKB•added 2026/02/08 5:32 p.m.•8 views

CVE-2026-2169

6.5CVSS6.4AI score0.02607EPSS

Vulnrichment•added 2026/02/08 4:32 p.m.•3 views

CVE-2026-2165 detronetdip E-commerce Account Creation Endpoint add_seller.php missing authentication

A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/addseller.php of the component Account Creation Endpoint. Executing a manipulation of the argument email can lead to missing authentication. The attack can be...

7.5CVSS5.2AI score0.0057EPSS

Exploits1References6

OSV•added 2026/02/08 3:15 p.m.•4 views

CVE-2026-2158

A vulnerability was detected in code-projects Student Web Portal 1.0. This impacts an unknown function of the file /checkuser.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely...

9.8CVSS5.8AI score

Exploits0References5

NVD•added 2026/02/08 3:15 p.m.•6 views

CVE-2026-2158

9.8CVSS0.00371EPSS

OSV•added 2026/02/08 3:15 p.m.•4 views

CVE-2026-2156

A weakness has been identified in code-projects Online Student Management System 1.0. The impacted element is an unknown function of the file /admin/announcement/index.php?view=add of the component Announcement Management Module. This manipulation causes cross site scripting. The attack is possib...

4.8CVSS4.1AI score

Exploits0References5

Vulnrichment•added 2026/02/08 12:32 p.m.•5 views

CVE-2026-2152 D-Link DIR-615 Web Configuration adv_routing.php os command injection

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

8.6CVSS5.3AI score0.04545EPSS

Vulnrichment•added 2026/02/08 10:32 a.m.•4 views

CVE-2026-2148 Tenda AC21 Web Management DownloadFlash information disclosure

A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has bee...

6.9CVSS5.4AI score0.00544EPSS

ATTACKERKB•added 2026/02/08 10:32 a.m.•7 views

CVE-2026-2148

6.9CVSS5.5AI score0.00544EPSS

CVE•added 2026/02/08 10:32 a.m.•15 views

CVE-2026-2148

CVE-2026-2148 affects the Tenda AC21 Web Management Interface, specifically the unknown function in file /cgi-bin/DownloadFlash. The issue allows remote information disclosure through manipulation of that function. Multiple sources confirm the device is vulnerable on version 16.03.08.16, with the...

7.5CVSS5.5AI score0.00544EPSS

ATTACKERKB•added 2026/02/08 10:2 a.m.•5 views

CVE-2026-2147

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.5AI score0.00521EPSS