CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE•added 2026/04/27 1:0 p.m.•25 views

CVE-2026-7126

CVE-2026-7126 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is in /ajax.php?action=save_category, where manipulating the argument ID leads to a SQL injection. The issue can be exploited remotely, and a public exploit has been published. CVSS metrics indicate hi...

7.5CVSS7.3AI score0.00254EPSS

Exploits0References5

Positive Technologies•added 2026/04/27 12:0 a.m.•8 views

PT-2026-35420

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save category. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released ...

7.5CVSS7.2AI score0.00254EPSS

Exploits0References6

ATTACKERKB•added 2026/03/31 4:45 a.m.•5 views

CVE-2026-5181

A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctorsappointment/admin/ajax.php?action=savecategory. Such manipulation of the argument img leads to unrestricted upload. The attack may be...

6.5CVSS5.4AI score0.00206EPSS

Exploits0References5Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-29656

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00438EPSS

Exploits1References6

Cvelist•added 2025/09/22 8:32 a.m.•8 views

CVE-2025-10790 SourceCodester Simple Forum Discussion System ajax.php sql injection

A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=savecategory. The manipulation of the argument Description results in sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS0.00308EPSS

Exploits1References5

RedhatCVE•added 2025/09/18 8:29 p.m.•6 views

CVE-2025-10563

A vulnerability has been found in Campcodes Grocery Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=savecategory. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the...

9.8CVSS7AI score0.00438EPSS

Exploits1References1

Vulnrichment•added 2025/09/16 8:2 p.m.•4 views

CVE-2025-10563 Campcodes Grocery Sales and Inventory System ajax.php sql injection

7.5CVSS6.8AI score0.00438EPSS

Exploits1References5

ATTACKERKB•added 2022/07/14 8:15 p.m.•2 views

CVE-2022-32318

Fast Food Ordering System v1.0 was discovered to contain a persistent cross-site scripting XSS vulnerability via the component /ffos/classes/Master.php?f=savecategory...

5.4CVSS5AI score0.00453EPSS

Exploits0References2

OSV•added 2022/06/16 3:15 p.m.•2 views

CVE-2022-31913

Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting XSS via /odfs/classes/Master.php?f=savecategory, name...

4.8CVSS5.8AI score0.00466EPSS

Exploits1References1

Positive Technologies•added 2022/06/16 12:0 a.m.•2 views

PT-2022-20987 · Unknown · Online Discussion Forum Site

Name of the Vulnerable Software and Affected Versions: Online Discussion Forum Site version 1.0 Description: The issue is related to Cross Site Scripting XSS via the "/odfs/classes/Master.php?f=save category" API endpoint, specifically affecting the name variable. This allows for potential...

4.8CVSS5.4AI score0.00466EPSS

Exploits1References5

ATTACKERKB•added 2022/05/24 3:15 p.m.•1 views

CVE-2022-30839

Room-rent-portal-site v1.0 is vulnerable to Cross Site Scripting XSS via /rrps/classes/Master.php?f=savecategory, vehiclename...

6.1CVSS5.8AI score0.006EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by