Lucene search
K

2325 matches found

NVD
NVD
added 2026/06/04 10:16 p.m.13 views

CVE-2026-10871

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS0.02199EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46409

A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The manipulation of the argument social twitter results in sql injection. The attack may be launched remotely. The exploit has bee...

6.5CVSS6.4AI score0.00303EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/03 10:1 p.m.13 views

CVE-2026-10221

A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function compresscontext of the file runagent.py. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be use...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:45 a.m.8 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/03 12:30 a.m.12 views

EUVD-2026-34036

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/02 9:30 p.m.9 views

CVE-2026-10661 ahujasid blender-mcp server.py open injection

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:30 p.m.11 views

CVE-2026-10661

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References8
NVD
NVD
added 2026/06/02 8:16 p.m.10 views

CVE-2026-10607

A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dedehtmlspecialchars of the file /plus/flink.php. The manipulation of the argument msg leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

7.5CVSS0.00313EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.12 views

CVE-2026-10220

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...

7.5CVSS5.5AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.16 views

CVE-2026-10176

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

6.5CVSS5.6AI score0.00204EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 2:15 a.m.11 views

EUVD-2026-33877

A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /managepayment.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

6.5CVSS5.7AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-46696

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in XML allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is a vulnerability that enables the execution of arbitrary scripts ...

9.6CVSS6.2AI score0.00985EPSS
Exploits0References434
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.12 views

CVE-2026-10155

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:30 p.m.11 views

CVE-2026-10286

A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /homeemployee.php. The manipulation of the argument empid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

6.5CVSS5.6AI score0.00204EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/01 1:30 p.m.30 views

CVE-2026-10261 CodeAstro Online Job Portal application_status.php sql injection

A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of the file /users/applicationstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 12:30 p.m.31 views

CVE-2026-10257 itsourcecode Content Management System update_ss_img.php sql injection

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/updatessimg.php. The manipulation of the argument topicid results in sql injection. The attack can be executed remotely. The exploit has been released t...

6.5CVSS0.002EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 11:15 a.m.11 views

CVE-2026-10252

A security vulnerability has been detected in itsourcecode Online House Rental System 1.0. This affects an unknown function of the file /managetenant.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/01 11:15 a.m.30 views

CVE-2026-10252 itsourcecode Online House Rental System manage_tenant.php sql injection

A security vulnerability has been detected in itsourcecode Online House Rental System 1.0. This affects an unknown function of the file /managetenant.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5CVSS0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 10:30 a.m.10 views

CVE-2026-10249

A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted is an unknown function of the file /admin/viewrequest.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might...

7.5CVSS7AI score0.00269EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/01 10:15 a.m.12 views

CVE-2026-10248 SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...

5.8CVSS5.5AI score0.00248EPSS
Exploits0References6
Rows per page
Query Builder