Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40978 matches found

EUVD
EUVDadded 2026/04/27 1:0 p.m.4 views

EUVD-2026-25850

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=savecategory. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released t...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 12:45 p.m.4 views

CVE-2026-7125

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

10CVSS8.3AI score0.01766EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/04/27 12:45 p.m.2 views

EUVD-2026-25843

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

10CVSS8.3AI score0.01766EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 12:45 p.m.15 views

CVE-2026-7125

The CVE-2026-7125 entry concerns Totolink A8000RU (7.1cu.643_b20200521). Affected component: CGI Handler, function setWiFiEasyCfg in /cgi-bin/cstecgi.cgi. Root cause is manipulation of the argument merge leading to OS command injection; the issue is exploitable remotely. Public exploit is cited. ...

10CVSS8.3AI score0.01766EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 12:30 p.m.7 views

CVE-2026-7124 Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument addrPrefixLen can lead to os command injection. The attack ca...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 12:30 p.m.14 views

CVE-2026-7124

Summary: CVE-2026-7124 affects Totolink A8000RU (firmware 7.1cu.643_b20200521). The vulnerability resides in the CGI Handler component, specifically the function setIpv6LanCfg in /cgi-bin/cstecgi.cgi. Attacker can manipulate the argument addrPrefixLen to trigger an OS command injection. This can ...

10CVSS8.2AI score0.01766EPSS
Exploits0References5
NVD
NVDadded 2026/04/27 12:16 p.m.6 views

CVE-2026-7118

A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The explo...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 12:15 p.m.3 views

CVE-2026-7123

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command injection. The attack can be initiated remotely. The...

10CVSS8.2AI score0.01766EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/27 12:0 p.m.27 views

CVE-2026-7122 Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

10CVSS0.01766EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 11:30 a.m.26 views

CVE-2026-7119 Tenda HG3 formCountrystr os command injection

A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injection. The attack may be performed from remote. The exploit is now public and may be used...

9CVSS0.03269EPSS
Exploits1References5
EUVD
EUVDadded 2026/04/27 11:30 a.m.8 views

EUVD-2026-25834

A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injection. The attack may be performed from remote. The exploit is now public and may be used...

9CVSS7.7AI score0.03269EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 11:30 a.m.8 views

CVE-2026-7119

A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injection. The attack may be performed from remote. The exploit is now public and may be used...

9CVSS7.8AI score0.03269EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/04/27 11:16 a.m.4 views

CVE-2026-7114

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...

6.5CVSS0.00192EPSS
Exploits0References5
NVD
NVDadded 2026/04/27 11:16 a.m.10 views

CVE-2026-7115

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

6.5CVSS0.00192EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 11:15 a.m.32 views

CVE-2026-7118 code-projects Employee Management System cancel.php sql injection

A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The explo...

6.5CVSS0.00192EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 11:0 a.m.5 views

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 11:0 a.m.32 views

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

6.5CVSS0.00192EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 10:45 a.m.9 views

CVE-2026-7116

CVE-2026-7116 affects code-projects Employee Management System 1.0, specifically the file 370project/mark.php. An input manipulation leads to cross-site scripting (XSS) with remote exploitation possible. Exploit appears publicly available. CVSS metrics indicate MEDIUM severity (up to 5.3 on CVSS4...

5.3CVSS4AI score0.00273EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/27 10:30 a.m.4 views

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 10:30 a.m.31 views

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

6.5CVSS0.00192EPSS
Exploits0References5
Rows per page
Query Builder