Lucene search
K

41220 matches found

CVE
CVE
added 2026/04/05 12:30 a.m.21 views

CVE-2026-5530

Ollama up to 18.1 contains a flaw in the Model Pull API’s file server/download.go that allows manipulation leading to server-side request forgery (SSRF). The issue can be exploited remotely. Connected sources confirm the vulnerable component and impact, but no vendor patch or remediation is docum...

6.5CVSS6.2AI score0.00288EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/04/05 12:15 a.m.28 views

CVE-2026-5529 Dromara lamp-cloud DefUserController pageUser improper authorization

A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...

5.3CVSS0.00273EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 12:15 a.m.1 views

CVE-2026-5529 Dromara lamp-cloud DefUserController pageUser improper authorization

A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...

5.3CVSS5.5AI score0.00273EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 12:15 a.m.2 views

CVE-2026-5529

A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...

5.3CVSS5.5AI score0.00273EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.4 views

PT-2026-30403

A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function create sandbox and execute of the file scrapegraphai/nodes/generate code node.py of the component GenerateCodeNode Component. The manipulation results in os command injection. The attack m...

7.5CVSS5.6AI score0.01449EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.4 views

PT-2026-30410

A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /modifymember.php of the component Parameter Handler. This manipulation of the argument firstName causes cross site scripting. The attack can be initiated remotely. The exploit has been...

5.3CVSS4.4AI score0.00284EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.7 views

PT-2026-30402

A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login credentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated...

6.9CVSS5.4AI score0.00204EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30455

A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible to be carried out remotely. The exploit has been made...

6.5CVSS6.3AI score0.00246EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30428

A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...

6.5CVSS6.3AI score0.00255EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.14 views

PT-2026-30438

Name of the Vulnerable Software and Affected Versions Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30 Description A vulnerability exists in Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30. The issue involves improper access controls within an unknown function of the /Technostrobe/ file ...

9.8CVSS6.9AI score0.00448EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30420

A vulnerability was determined in Tenda AC10 16.03.10.10 multi TDE01. Affected by this issue is some unknown functionality of the file /webroot ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The...

6.9CVSS5.6AI score0.00395EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30389

A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization. The attack can be initiated remotely. The exploit is now...

5.3CVSS5.5AI score0.00273EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30429

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function is safe ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack m...

6.5CVSS6AI score0.00314EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.7 views

PT-2026-30414

A vulnerability was determined in code-projects Simple Laundry System 1.0. Impacted is an unknown function of the file /modstaffinfo.php of the component Parameter Handler. Executing a manipulation of the argument userid can lead to cross site scripting. The attack may be launched remotely. The...

5.3CVSS4.2AI score0.00337EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.4 views

PT-2026-30435

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30412

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30425

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.11 views

PT-2026-30511

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...

6.9CVSS5.4AI score0.00292EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30427

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS6.2AI score0.0036EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.9 views

PT-2026-30421

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References6
Rows per page
Query Builder