40978 matches found
CVE-2026-7130 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=deletecategory. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has...
EUVD-2026-25854
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=deletecategory. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has...
CVE-2026-7130
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=deletecategory. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has...
CVE-2026-7130
CVE-2026-7130 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability resides in the unknown function of the file /ajax.php?action=delete_category , where manipulating the argument ID enables an SQL injection . The attack can be performed remotely and, per the descriptio...
EUVD-2026-25853
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-7129
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-7129 SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The...
CVE-2026-7128 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=savetype. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has...
CVE-2026-7128
SourceCodester Pharmacy Sales and Inventory System 1.0 is affected by an SQL injection in /ajax.php?action=save_type arising from improper handling of the ID parameter in that request. The vulnerability is exploitable remotely and has been publicly disclosed; CVSS-derived metrics in the record in...
CVE-2026-7128 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection
A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=savetype. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has...
EUVD-2026-25852
A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=savetype. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has...
CVE-2026-7035
A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has be...
CVE-2026-7034
A vulnerability was found in Tenda FH1202 1.2.0.14408. Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated remotely. The exploit...
CVE-2026-7024
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...
CVE-2026-7019
A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly...
CVE-2026-6995
A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted element is an unknown function of the file /index.asp of the component New User Page. Performing a manipulation of the argument User name results in cross site scripting. The attack may be initiated...
CVE-2026-6985
A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handleopt of the file /src/netbuiltin.c of the component TCP Option Handler. This manipulation of the argument optlen causes infinite loop. The attack is possible to be carried out remotely. The...
CVE-2026-7125
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...
CVE-2026-7126
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=savecategory. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released t...
EUVD-2026-25850
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=savecategory. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released t...