Lucene search
K

41189 matches found

Vulnrichment
Vulnrichment
added 2026/04/06 8:15 a.m.2 views

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/04/06 8:15 a.m.13 views

CVE-2026-5637

CVE-2026-5637 affects projectworlds Car Rental System 1.0. The vulnerability lies in the Parameter Handler’s unknown code path that manipulates the Message argument in /message_admin.php, leading to an SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly (explo...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/06 7:45 a.m.1 views

CVE-2026-5635 PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 7:45 a.m.14 views

CVE-2026-5635

CVE-2026-5635 affects PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is in the Parameter Handler’s /categorywise-products.php, where manipulating the cid parameter leads to SQL injection. Attacks can be launched remotely and the exploit has been released publicly. Concrete remed...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 7:45 a.m.28 views

CVE-2026-5635 PHPGurukul Online Shopping Portal Project Parameter categorywise-products.php sql injection

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS0.00246EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:45 a.m.5 views

CVE-2026-5635

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/06 7:30 a.m.9 views

CVE-2026-5634

CVE-2026-5634 affects the Projectworlds Car Rental Project 1.0. The vulnerability targets an unknown function in the file /book_car.php (Parameter Handler). Manipulating the fname argument results in a SQL injection, with remote, publicly available exploit code. The CVSS metrics in the connected ...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/06 7:30 a.m.27 views

CVE-2026-5634 projectworlds Car Rental Project Parameter book_car.php sql injection

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS0.00259EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:30 a.m.1 views

CVE-2026-5634

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/06 6:45 a.m.14 views

CVE-2026-5632

CVE-2026-5632 concerns assafelovic gpt-researcher (versions up to 3.4.3) where the HTTP REST API Endpoint has a missing authentication issue in a manipulated request. The vulnerability is remote, with PROOF-OF-CONCEPT exploitation and a CVSS base score in the MEDIUM-HIGH range across CVSS version...

7.5CVSS6.7AI score0.00414EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/06 6:45 a.m.1 views

CVE-2026-5632 assafelovic gpt-researcher HTTP REST API Endpoint missing authentication

A vulnerability was found in assafelovic gpt-researcher up to 3.4.3. This impacts an unknown function of the component HTTP REST API Endpoint. Performing a manipulation results in missing authentication. It is possible to initiate the attack remotely. The exploit has been made public and could be...

7.5CVSS6.7AI score0.00414EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/06 6:30 a.m.3 views

EUVD-2026-19178

A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This issue affects some unknown processing of the file gptresearcher/skills/researcher.py of the component WebSocket Interface. Executing a manipulation of the argument task can lead to cross site scripting. The attack may ...

5.3CVSS4.2AI score0.00286EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 6:30 a.m.6 views

EUVD-2026-19164

A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results in server-side request forgery. The attack is possible to be carried out remotely. The complexity ...

6.3CVSS5.4AI score0.00323EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/06 6:30 a.m.3 views

CVE-2026-5631 assafelovic gpt-researcher ws Endpoint server_utils.py extract_command_data code injection

A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extractcommanddata of the file backend/server/serverutils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote. T...

7.5CVSS6.7AI score0.00311EPSS
Exploits0References5
NVD
NVD
added 2026/04/06 6:16 a.m.2 views

CVE-2026-5629

A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSetFirewall of the file /goform/formSetFirewall. The manipulation of the argument webpage results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may...

9CVSS0.00687EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/06 6:0 a.m.33 views

CVE-2026-5629 Belkin F9K1015 formSetFirewall stack-based overflow

A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSetFirewall of the file /goform/formSetFirewall. The manipulation of the argument webpage results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may...

9CVSS0.00687EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.5 views

CVE-2026-5534

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.5 views

CVE-2026-5540

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS6.9AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.5 views

CVE-2026-5541

A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /modmemberinfo.php of the component Parameter Handler. Performing a manipulation of the argument userid results in cross site scripting. The attack may be initiated remotel...

5.3CVSS4.4AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.4 views

CVE-2026-5531

A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /logincredentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated remotel...

6.9CVSS5.6AI score0.00204EPSS
Exploits0References1
Rows per page
Query Builder