Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40978 matches found

Cvelist
Cvelistadded 2026/04/28 3:1 p.m.33 views

CVE-2026-7289 D-Link DIR-825M formWanConfigSetup sub_414BA8 buffer overflow

A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...

9CVSS0.0069EPSS
Exploits1References5
CVE
CVEadded 2026/04/28 3:1 p.m.11 views

CVE-2026-7289

The CVE-2026-7289 entry concerns D-Link DIR-825M (firmware version 1.1.12). A vulnerability in the function sub_414BA8 of /boafrm/formWanConfigSetup allows manipulation of the submit-url argument to trigger a buffer overflow, enabling a remote attack. Public exploitation appears to be available. ...

9CVSS8.6AI score0.0069EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/04/28 2:16 p.m.3 views

CVE-2026-7281

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Th...

4.8CVSS0.00206EPSS
Exploits0References5
NVD
NVDadded 2026/04/28 2:16 p.m.4 views

CVE-2026-7272

A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generatematlabcode/executematlabcode of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead...

7.5CVSS0.00424EPSS
Exploits0References6
CVE
CVEadded 2026/04/28 2:15 p.m.11 views

CVE-2026-7283

SourceCodester Pharmacy Sales and Inventory System 1.0 exposes a SQL injection in /ajax.php?action=save_expired caused by manipulating the ID argument. The flaw is remote‑exploitable and is associated with CVE-2026-7283. Public exploit availability is noted in the reports. The connected documents...

5.8CVSS5.1AI score0.00263EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/28 2:15 p.m.30 views

CVE-2026-7283 SourceCodester Pharmacy Sales and Inventory System ajax.php save_expired sql injection

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function saveexpired of the file /ajax.php?action=saveexpired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit ha...

5.8CVSS0.00263EPSS
Exploits0References5
NVD
NVDadded 2026/04/28 1:19 p.m.5 views

CVE-2026-7271

A vulnerability was detected in DV0x creative-ad-agent up to 751b9e5146604dc65049bd0f62dcbdad6212f8a3. Impacted is an unknown function of the file server/sdk-server.ts of the component creative-ad-agent-server. Performing a manipulation of the argument req.params results in path traversal. Remote...

6.9CVSS0.00479EPSS
Exploits0References6
NVD
NVDadded 2026/04/28 1:19 p.m.3 views

CVE-2026-7269

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS0.0021EPSS
Exploits0References6
CVE
CVEadded 2026/04/28 1:15 p.m.11 views

CVE-2026-7281

CVE-2026-7281 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vuln is in the supplier function of /index.php?page=supplier, where manipulating the Name argument triggers cross-site scripting. It can be exploited remotely and the exploit has been publicly disclosed. CVSS data i...

4.8CVSS3.2AI score0.00206EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/28 1:0 p.m.2 views

EUVD-2026-26050

A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generatematlabcode/executematlabcode of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead...

7.5CVSS7AI score0.00424EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/04/28 1:0 p.m.3 views

CVE-2026-7272

A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generatematlabcode/executematlabcode of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead...

7.5CVSS7AI score0.00424EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/04/28 1:0 p.m.31 views

CVE-2026-7272 WilliamCloudQi matlab-mcp-server MCP index.ts execute_matlab_code path traversal

A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generatematlabcode/executematlabcode of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead...

7.5CVSS0.00424EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/28 1:0 p.m.2 views

CVE-2026-7272 WilliamCloudQi matlab-mcp-server MCP index.ts execute_matlab_code path traversal

A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generatematlabcode/executematlabcode of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead...

7.5CVSS7AI score0.00424EPSS
Exploits0References6
NVD
NVDadded 2026/04/28 12:16 p.m.6 views

CVE-2026-7268

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVDadded 2026/04/28 12:0 p.m.6 views

EUVD-2026-26041

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS3.5AI score0.0021EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/28 12:0 p.m.3 views

CVE-2026-7269 SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS3.3AI score0.0021EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/04/28 12:0 p.m.4 views

CVE-2026-7269

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS3.3AI score0.0021EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2026/04/28 12:0 p.m.9 views

CVE-2026-7269

The CVE concerns SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of /index.php?page=product; manipulating the argument ID results in cross-site scripting. The flaw can be triggered remotely, and the exploit has been published, indicating availability to att...

4.8CVSS3.5AI score0.0021EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/04/28 12:0 p.m.27 views

CVE-2026-7269 SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS0.0021EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/28 11:15 a.m.6 views

CVE-2026-7268 SourceCodester Pizzafy Ecommerce System ajax.php save_category sql injection

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...

6.5CVSS6.2AI score0.002EPSS
Exploits0References6
Rows per page
Query Builder