Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40977 matches found

RedhatCVE
RedhatCVEadded 2026/04/29 8:48 p.m.3 views

CVE-2026-7225

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function deletemenu of the file /admin/ajax.php?action=deletemenu. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/29 8:48 p.m.6 views

CVE-2026-7264

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/29 8:48 p.m.3 views

CVE-2026-7297

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

4.8CVSS3AI score0.00202EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/29 8:45 p.m.2 views

EUVD-2026-26290

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/29 8:45 p.m.3 views

CVE-2026-7408 SourceCodester Pizzafy Ecommerce System ajax.php save_menu sql injection

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/29 8:30 p.m.4 views

CVE-2026-7407 SourceCodester Pizzafy Ecommerce System Setting ajax.php save_settings sql injection

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/29 8:30 p.m.3 views

EUVD-2026-26289

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/29 8:30 p.m.2 views

CVE-2026-7407

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS5AI score0.00253EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/29 8:30 p.m.9 views

CVE-2026-7407

The CVE-2026-7407 vulnerability affects SourceCodester Pizzafy Ecommerce System 1.0, specifically the save_settings function in /pizzafy/admin/ajax.php?action=save_settings (Setting Handler). The issue is a SQL injection caused by input manipulation in that endpoint, enabling remote attackers to ...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
NVD
NVDadded 2026/04/29 8:16 p.m.2 views

CVE-2026-7400

A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function ispathallowed of the file server.py of the component readfiletool/writefiletool. Such manipulation leads to path traversal. The attack can be launched remotely. The exploit has be...

7.5CVSS0.0043EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/04/29 8:15 p.m.5 views

CVE-2026-7404

A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function deletesharedprompt of the file src/mcposimpleserver/services/promptmanager/basemanager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate t...

7.5CVSS7.1AI score0.00512EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/29 8:15 p.m.14 views

CVE-2026-7404

The CVE affects getsimpletool mcpo-simple-server up to 0.2.0. The vulnerability is in delete_shared_prompt (src/mcpo_simple_server/services/prompt_manager/base_manager.py), where manipulation of the detail argument enables relative path traversal. It can be exploited remotely, and a public exploi...

7.5CVSS7.1AI score0.00512EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/29 8:0 p.m.5 views

EUVD-2026-26287

A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...

6.9CVSS5.4AI score0.00563EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/29 8:0 p.m.31 views

CVE-2026-7403 geldata gel-mcp server.py fetch_rule path traversal

A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...

6.9CVSS0.00563EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/29 8:0 p.m.4 views

CVE-2026-7403 geldata gel-mcp server.py fetch_rule path traversal

A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...

6.9CVSS5.4AI score0.00563EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/29 8:0 p.m.2 views

CVE-2026-7403

A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...

6.9CVSS5.4AI score0.00563EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/29 8:0 p.m.14 views

CVE-2026-7403

CVE-2026-7403 affects geldata gel-mcp 0.1.0. The vulnerability is in src/gel_mcp/server.py, function list_rules/fetch_rule, where manipulating the argument rule_name enables path traversal. This could be exploited remotely; the exploit is publicly available. The project was informed of the issue ...

6.9CVSS5.4AI score0.00563EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/29 7:15 p.m.3 views

CVE-2026-7401 SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scripting

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument studentid/fullname/section/username results ...

5.3CVSS3.7AI score0.0032EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/29 7:15 p.m.27 views

CVE-2026-7401 SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scripting

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument studentid/fullname/section/username results ...

5.3CVSS0.0032EPSS
Exploits0References5
CVE
CVEadded 2026/04/29 7:15 p.m.8 views

CVE-2026-7401

CVE-2026-7401 affects SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The vulnerability targets the Registration component, specifically /index.php?action=register, where manipulation of the arguments student_id, full_name, section, or username enables cross-site scr...

5.3CVSS3.7AI score0.0032EPSS
Exploits0References5
Rows per page
Query Builder