CVE-2026-7115

CVE-2026-7115 affects code-projects Employee Management System 1.0, with a vulnerability in the file 370project/delete.php. The issue arises from manipulating the argument ID, allowing SQL injection. Attacks may be launched remotely, and the exploit is publicly available. Current documents do not...

CVE-2026-7109

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

CVE-2026-7113

A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument INSECURENOAUTH results in missing authentication. The attack can be...

CVE-2026-7113

CVE-2026-7113 affects NousResearch hermes-agent 0.8.0, specifically the Webhooks Endpoint in gateway/platforms/webhook.py. The issue arises from manipulating the argument _INSECURE_NO_AUTH, resulting in missing authentication and enabling a remote attack. The description notes high attack complex...

CVE-2026-7113 NousResearch hermes-agent Webhooks Endpoint webhook.py missing authentication

A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument INSECURENOAUTH results in missing authentication. The attack can be...

CVE-2026-7112

CVE-2026-7112 affects NousResearch hermes-agent 0.8.0. The vulnerability is in the API_SERVER_KEY Handler’s function _check_auth within gateway/platforms/api_server.py, causing improper authentication. It can be triggered remotely, with a high attack complexity and partial confidentiality/integri...

CVE-2026-7110

CVE-2026-7110 concerns code-projects Invoice System (Laravel 1.0). The vulnerability arises from an unspecified function in the /item file where manipulation of the item name/description parameter can trigger cross-site scripting. The issue is exploitable remotely, and an exploit has been publish...

CVE-2026-7110 code-projects Invoice System in Laravel item cross site scripting

A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Executing a manipulation of the argument item name/description can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published an...

CVE-2026-7103

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...

CVE-2026-7107

A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made availabl...

CVE-2026-7098

A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit has been...

CVE-2026-7100

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-7101

A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may ...

CVE-2026-7109

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

EUVD-2026-25810

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

CVE-2026-7108 code-projects Invoice System in Laravel cross-site request forgery

A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...

CVE-2026-7108

A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...

CVE-2026-7108 code-projects Invoice System in Laravel cross-site request forgery

A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...

CVE-2026-7108

Technical details about CVE-2026-7108 are not publicly available in the provided documents. No confirmed affected products, versions, or exploitable vectors are disclosed. Monitor for updates.

CVE-2026-7107 code-projects Invoice System in Laravel company unrestricted upload

A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made availabl...