Lucene search
K

216681 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28682

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/27 12:0 a.m.2 views

CVE-2026-24031

Dovecot SQL based authentication can be bypassed when authusernamechars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear authusernamechars. If this is not possible, install latest fixed version. No publicly available exploits...

8.2CVSS5.9AI score0.00395EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.3 views

PT-2026-28626

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.81.0 Description Fleet is open source device management software susceptible to a second-order SQL injection in its Apple MDM profile delivery pipeline. An attacker possessing a valid MDM enrollment certificate could...

8.8CVSS5.9AI score0.08123EPSS
Exploits7References45
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.21 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

0.00328EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

6AI score0.00328EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.21 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

0.00446EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30533

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...

6AI score0.00394EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30531

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00445EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.2 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00446EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.7 views

SourceCodester Online Food Ordering System 安全漏洞

The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the saveuser operation in the Actions.php file,...

8.8CVSS5.9AI score0.00446EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28404

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save category action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious...

8.8CVSS6AI score0.00445EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.6 views

Code-Projects Simple Laundry System SQL注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a SQL...

9.8CVSS7.2AI score0.00393EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28406

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage product.php file via the "id" parameter...

9.8CVSS6AI score0.00394EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

6AI score0.00328EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30530

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecustomer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL command...

6AI score0.00476EPSS
Exploits1References2
CVE
CVE
added 2026/03/27 12:0 a.m.9 views

CVE-2026-30529

CVE-2026-30529 affects SourceCodester Online Food Ordering System v1.0, specifically in Actions.php (save_user action). The vulnerability arises from improper sanitization of the username parameter, enabling an authenticated attacker to inject malicious SQL commands. Connected sources confirm the...

8.8CVSS6AI score0.00446EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.3 views

CVE-2026-30532

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...

6AI score0.0033EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.6 views

Shenzhen Ruiming Streamax Crocus SQL注入漏洞

Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming Corporation. Version 1.3.44 of Shenzhen Ruiming Streamax Crocus contains an SQL injection vulnerability. This vulnerability arises from improper handling of the VehicleID parameter in the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.2 views

PT-2026-28528

Name of the Vulnerable Software and Affected Versions Group-Office versions prior to 6.8.158 Group-Office versions prior to 25.0.92 Group-Office versions prior to 26.0.17 Description Group-Office is an enterprise customer relationship management and groupware tool. An authenticated SQL Injection...

8.8CVSS6.1AI score0.00387EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.7 views

PT-2026-28692

Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A flaw exists in itsourcecode Free Hotel Reservation System version 1.0 that may allow for SQL injection. The issue is located in the file /admin/mod room/index.php?view=edit...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References9
Rows per page
Query Builder