Lucene search
K

6357 matches found

Nuclei
Nuclei
added yesterday15 views

Dzzoffice 2.02.1 - Cross-Site Scripting

Dzzoffice 2.02.1SCUTF8 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter. id: CVE-2021-30203 info: name: Dzzoffice 2.02.1 - Cross-Site Scripting author: arafatansari severity: high description: | Dzzoffice...

6.1CVSS6.5AI score0.00596EPSS
Exploits1References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-41175

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40134

A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parsebyblocktype of the file lightpcapng.c of the component LightPcapNg Parser. Performing a manipulation of the argument capturedpacketlength results in heap-based buffer overflow. It is possible to...

6.3CVSS5.7AI score0.00419EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-40071

A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
NVD
NVD
added 5 days ago7 views

CVE-2026-13552

A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/modamenities/controller.php?action=edit. Performing a manipulation of the argument amenid results in sql injection. It is possible to initiate the attack remotely...

7.5CVSS0.00412EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40058

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
NVD
NVD
added 5 days ago9 views

CVE-2026-13550

A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been mad...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-40065

A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/modamenities/controller.php?action=add of the component POST Request Handler. The manipulation of the argument Name leads to cross site...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
CVE
CVE
added 5 days ago12 views

CVE-2026-13554

CVE-2026-13554 affects itsourcecode Online Hotel Management System 1.0. Affected component: POST Request Handler at /admin/mod_amenities/controller.php?action=add. The vulnerability arises from manipulation of the Name argument, resulting in a cross-site scripting (XSS) condition. The description...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
CVE
CVE
added 5 days ago12 views

CVE-2026-13552

The CVE-2026-13552 entry concerns itsourcecode Online Hotel Management System 1.0. A SQL injection vulnerability exists in the file /admin/mod_amenities/controller.php?action=edit triggered by manipulating the amen_id argument. This vulnerability can be exploited remotely, and public exploitation...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-40033

A vulnerability has been found in GotoHTTP up to 10.2. This issue affects some unknown processing of the file /reg.12x. The manipulation of the argument sn leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor...

5.3CVSS4.2AI score0.00284EPSS
Exploits0References5
NVD
NVD
added 5 days ago7 views

CVE-2026-13531

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public a...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 5 days ago8 views

CVE-2026-13530

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotel...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-40013

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS8AI score0.00466EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-40012

A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclos...

9CVSS8AI score0.00476EPSS
Exploits0References7
NVD
NVD
added 5 days ago9 views

CVE-2026-13516

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS0.00466EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 5 days ago11 views

PT-2026-53243

Name of the Vulnerable Software and Affected Versions itsourcecode Online Hotel Management System version 1.0 Description A remote cross site scripting issue exists in the POST Request Handler component. The flaw occurs when the Name argument is manipulated within the '/admin/mod...

5.3CVSS5.4AI score0.00443EPSS
Exploits0References10
Nuclei
Nuclei
added 6 days ago20 views

Grandstream UCM6200 - SQL Injection

Grandstream UCM6200 series contains an unauthenticated remote SQL injection caused by crafted HTTP requests, letting attackers execute shell commands as root on versions before 1.0.19.20 or inject HTML in emails before 1.0.20.17. id: CVE-2020-5722 info: name: Grandstream UCM6200 - SQL Injection...

10CVSS7.5AI score0.83926EPSS
Exploits8References2
Nuclei
Nuclei
added 6 days ago127 views

SAP Solution Manager 7.2 - Remote Command Execution

SAP Solution Manager SolMan running version 7.2 has a remote command execution vulnerability within the SAP EEM servlet tcsmdagentapplicationeem. The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information...

10CVSS7.8AI score0.98376EPSS
Exploits7References7
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-13496 itsourcecode Hospital Management System ajaxmedicine.php sql injection

A vulnerability was found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /ajaxmedicine.php. The manipulation of the argument medicineid results in sql injection. It is possible to launch the attack remotely. The exploit has been made public...

6.5CVSS0.00204EPSS
Exploits0References6
Rows per page
Query Builder