Lucene search
K

201 matches found

CNNVD
CNNVD
added 2026/02/26 12:0 a.m.9 views

Warehouse Inventory Management System 授权问题漏洞

Warehouse Inventory Management System is a warehouse inventory management system developed by go2ismail. The Warehouse Inventory Management System versions 9.20250118 and earlier have an authorization issue vulnerability. This vulnerability arises from improper authorization due to operations on...

8.8CVSS6.6AI score0.00314EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.13 views

PT-2026-21907

A vulnerability was found in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected is an unknown function of the file /api/admin/sys-message/ of the component API Endpoint. The manipulation of the argument messageId results in authorization bypass. The attack can be launched remotely. The exploi...

6.9CVSS5.1AI score0.0044EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2026/02/22 12:31 a.m.6 views

funadmin has Incorrect Privilege Assignment in its Configuration Handler

A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has bee...

7.5CVSS5.2AI score0.00286EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/02/21 11:32 p.m.20 views

CVE-2026-2896

Funadmin up to 7.1.0-rc4 is affected by CVE-2026-2896 due to a flaw in the setConfig function of app/backend/controller/Ajax.php (Configuration Handler). The issue allows remote manipulation to cause improper authorization. Exploitation is possible over the network with no privileges and no user ...

7.5CVSS5.3AI score0.00286EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/21 12:0 a.m.5 views

PT-2026-21352

A security vulnerability has been detected in feng ha ha/megagao ssm-erp and production ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeController.java. The manipulation leads to improper authorization. It is possible to initiate the attack...

6.5CVSS5.2AI score0.00252EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

FLIR Systems AX8 Cameras Incorrect Privilege Assignment (CVE-2024-3013)

A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/testlogin.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploi...

8.8CVSS5.7AI score0.22987EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/02/08 1:3 p.m.12 views

CVE-2026-2077

A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role...

8.8CVSS6AI score0.00262EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/08 7:32 a.m.8 views

EUVD-2026-5807

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

6.5CVSS6AI score0.00362EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:9 a.m.7 views

CVE-2026-2208

A security vulnerability has been detected in WeKan up to 8.20. Impacted is an unknown function of the file server/publications/rules.js of the component Rules Handler. The manipulation leads to missing authorization. The attack can be initiated remotely. Upgrading to version 8.21 is recommended ...

5.3CVSS4.6AI score0.00244EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.10 views

PT-2026-6948

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 8.19 Description A flaw exists in Wekan that allows for improper authorization. This issue is related to the setCreateTranslation function within the client/components/settings/translationBody.js file of the Custom...

6.5CVSS5.4AI score0.00188EPSS
Exploits0References8
NVD
NVD
added 2026/02/07 7:15 p.m.4 views

CVE-2026-2107

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...

8.8CVSS0.00326EPSS
Exploits1References6
NVD
NVD
added 2026/02/07 6:15 p.m.7 views

CVE-2026-2106

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\NoticeController.java of the...

8.8CVSS0.00326EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/07 12:0 a.m.11 views

PT-2026-6915

Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A flaw exists in the Log Info Handler component of yeqifu warehouse, specifically within the loadAllLoginfo, deleteLoginfo, and batchDeleteLoginfo functions located in the file...

6.5CVSS5.3AI score0.00326EPSS
Exploits1References8
NVD
NVD
added 2026/02/06 11:15 a.m.6 views

CVE-2026-2015

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...

8.8CVSS0.00307EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/02/03 3:11 a.m.17 views

CVE-2026-1733

A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/storeintegral/order/detail/:uni. The manipulation of the argument orderid leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...

5.3CVSS5.3AI score0.00364EPSS
Exploits1References1
OSV
OSV
added 2026/01/30 6:15 p.m.4 views

CVE-2026-1702

A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument groupid results in improper authorization. The attack can be...

8.8CVSS5.6AI score0.00358EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/30 5:32 p.m.5 views

CVE-2026-1702 SourceCodester Pet Grooming Management Software User Management user.php improper authorization

A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument groupid results in improper authorization. The attack can be...

6.5CVSS5.6AI score0.00358EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/30 5:32 p.m.4 views

CVE-2026-1702

A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument groupid results in improper authorization. The attack can be...

6.5CVSS5.6AI score0.00358EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/20 6:17 a.m.7 views

CVE-2026-1141

A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit is publicly...

8.8CVSS5.2AI score0.003EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2026/01/20 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.5AI score0.00307EPSS
Exploits1References2
Rows per page
Query Builder