CVE-2026-6012 D-Link DIR-513 POST Request formSetPassword buffer overflow

A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out...

CVE-2026-6012

The CVE-2026-6012 entry affects D-Link DIR-513 (firmware 1.10). It targets the POST Request Handler’s /goform/formSetPassword function, where manipulating the curTime argument causes a buffer overflow. Remote exploitation is possible and the exploit has been publicly disclosed. Affected devices a...

CVE-2026-6011 OpenClaw assertPublicHostname web-fetch.ts server-side request forgery

A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack can be executed...

CVE-2026-6011

A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack can be executed...

CVE-2026-6011 OpenClaw assertPublicHostname web-fetch.ts server-side request forgery

A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack can be executed...

CVE-2026-6000

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

CVE-2026-6004

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

CVE-2026-5999

A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnouncementController. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor...

CVE-2026-6007 itsourcecode Construction Management System del.php sql injection

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2026-6006

The vulnerability affects code-projects Patient Record Management System 1.0, specifically the /edit_hpatient.php function where manipulating the ID parameter leads to a SQL injection. The issue is exploitable remotely and is described as a proof-of-concept in the provided details. No explicit re...

CVE-2026-6006 code-projects Patient Record Management System edit_hpatient.php sql injection

A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edithpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

CVE-2026-6005

CVE-2026-6005 affects code-projects Patient Record Management System 1.0; the vulnerable component is hematology_print.php, where manipulating the hem_id parameter enables SQL injection. Exploitation is possible remotely and an exploit has been published. The provided documents do not include any...

EUVD-2026-21286

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

CVE-2026-6004 code-projects Simple IT Discussion Forum delete-category.php sql injection

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

CVE-2026-5998

A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initiated remotely. Th...

CVE-2026-6003 code-projects Simple IT Discussion Forum user.php cross site scripting

A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /admin/user.php. Such manipulation of the argument fname leads to cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2026-6003

CVE-2026-6003 concerns a cross-site scripting vulnerability in the code-projects Simple IT Discussion Forum 1.0. The issue arises in the admin/user.php handler, where manipulation of the fname argument can trigger script execution in remote contexts. The vulnerability is documented with low sever...

CVE-2026-6000

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...

CVE-2026-6000 code-projects Online Library Management System SQL Database Backup File library.sql information disclosure

A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The...