Lucene search
K

41189 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.5 views

CVE-2026-5542

A vulnerability was determined in code-projects Simple Laundry System 1.0. Impacted is an unknown function of the file /modstaffinfo.php of the component Parameter Handler. Executing a manipulation of the argument userid can lead to cross site scripting. The attack may be launched remotely. The...

5.3CVSS4.2AI score0.00337EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 5:15 a.m.5 views

CVE-2026-5625

A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This issue affects some unknown processing of the file gptresearcher/skills/researcher.py of the component WebSocket Interface. Executing a manipulation of the argument task can lead to cross site scripting. The attack may ...

5.3CVSS4.2AI score0.00286EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 5:15 a.m.4 views

CVE-2026-5625 assafelovic gpt-researcher WebSocket researcher.py cross site scripting

A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This issue affects some unknown processing of the file gptresearcher/skills/researcher.py of the component WebSocket Interface. Executing a manipulation of the argument task can lead to cross site scripting. The attack may ...

5.3CVSS4.2AI score0.00286EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 5:15 a.m.33 views

CVE-2026-5625 assafelovic gpt-researcher WebSocket researcher.py cross site scripting

A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This issue affects some unknown processing of the file gptresearcher/skills/researcher.py of the component WebSocket Interface. Executing a manipulation of the argument task can lead to cross site scripting. The attack may ...

5.3CVSS0.00286EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 5:15 a.m.19 views

CVE-2026-5625

The CVE-2026-5625 entry concerns assafelovic gpt-researcher (up to version 3.4.3) in the WebSocket Interface component. The vulnerability arises from a weakness in processing of the file gpt_researcher/skills/researcher.py, where manipulating the argument task can trigger a cross-site scripting (...

5.3CVSS4.2AI score0.00286EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/06 4:45 a.m.4 views

CVE-2026-5623 hcengineering Huly Platform Import Endpoint index.ts server-side request forgery

A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly availabl...

6.5CVSS6.2AI score0.00199EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/06 4:45 a.m.30 views

CVE-2026-5623 hcengineering Huly Platform Import Endpoint index.ts server-side request forgery

A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly availabl...

6.5CVSS0.00199EPSS
Exploits0References3
CVE
CVE
added 2026/04/06 4:45 a.m.6 views

CVE-2026-5623

CVE-2026-5623 affects hcengineering Huly Platform 0.7.382, specifically the Import Endpoint in file server/front/src/index.ts. The vulnerability enables server-side request forgery (SSRF) through manipulation of the indicated component, with remote exploitability. Public exploit exists; disclosur...

6.5CVSS6.2AI score0.00199EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/06 4:30 a.m.32 views

CVE-2026-5622 hcengineering Huly Platform JWT Token token.ts hard-coded key

A vulnerability was determined in hcengineering Huly Platform 0.7.382. Affected by this issue is some unknown functionality of the file foundations/core/packages/token/src/token.ts of the component JWT Token Handler. This manipulation of the argument SERVERSECRET with the input secret causes use ...

6.3CVSS0.00255EPSS
Exploits0References3
NVD
NVD
added 2026/04/06 4:16 a.m.4 views

CVE-2026-5618

A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results in server-side request forgery. The attack is possible to be carried out remotely. The complexity ...

6.3CVSS0.00323EPSS
Exploits0References4
NVD
NVD
added 2026/04/06 4:16 a.m.2 views

CVE-2026-5616

A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...

7.5CVSS0.00409EPSS
Exploits0References7
CVE
CVE
added 2026/04/06 4:0 a.m.7 views

CVE-2026-5620

CVE-2026-5620 affects itsourcecode Construction Management System 1.0. The vulnerable element is an unknown function in the file /borrowed_equip_report.php within the Parameter Handler component. Manipulating the argument Home leads to a SQL injection . It can be exploited remotely, and the explo...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/06 4:0 a.m.22 views

CVE-2026-5620 itsourcecode Construction Management System Parameter borrowed_equip_report.php sql injection

A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowedequipreport.php of the component Parameter Handler. The manipulation of the argument Home leads to sql injection. It is possible to initiate the attack remotely...

6.5CVSS0.00204EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 3:30 a.m.4 views

EUVD-2026-19154

A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...

9CVSS7.8AI score0.00687EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/06 3:30 a.m.5 views

EUVD-2026-19153

A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability affects the function formWlEncrypt of the file /goform/formWlEncrypt. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

9CVSS7.8AI score0.00687EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/06 3:30 a.m.6 views

EUVD-2026-19152

A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function formCrossBandSwitch of the file /goform/formCrossBandSwitch. Performing a manipulation of the argument webpage results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made...

9CVSS7.7AI score0.00687EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/06 3:30 a.m.4 views

EUVD-2026-19148

A flaw has been found in Tenda i12 1.0.0.113862. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wlradio causes stack-based buffer overflow. It is possible to initiate the...

9CVSS7.7AI score0.00632EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/06 3:30 a.m.3 views

EUVD-2026-19144

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

6.5CVSS6.1AI score0.00268EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/06 3:30 a.m.4 views

EUVD-2026-19146

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. Th...

9CVSS7.7AI score0.00725EPSS
Exploits1References5
NVD
NVD
added 2026/04/06 3:16 a.m.3 views

CVE-2026-5611

A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function formCrossBandSwitch of the file /goform/formCrossBandSwitch. Performing a manipulation of the argument webpage results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made...

9CVSS0.00687EPSS
Exploits1References4
Rows per page
Query Builder