Lucene search
K

16115 matches found

RedhatCVE
RedhatCVE
added 2026/05/09 2:21 a.m.8 views

CVE-2026-8128

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/08 6:32 a.m.10 views

EUVD-2026-28523

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/08 6:32 a.m.9 views

EUVD-2026-28519

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS7AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/08 6:32 a.m.12 views

EUVD-2026-28520

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References6
NVD
NVD
added 2026/05/08 4:16 a.m.17 views

CVE-2026-8136

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...

4.8CVSS0.00202EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 4:16 a.m.13 views

CVE-2026-8129

A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

7.5CVSS0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 4:16 a.m.18 views

CVE-2026-8130

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/08 3:45 a.m.34 views

CVE-2026-8136 SourceCodester Pharmacy Sales and Inventory System index.php users cross site scripting

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...

4.8CVSS0.00202EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/08 3:45 a.m.9 views

CVE-2026-8136 SourceCodester Pharmacy Sales and Inventory System index.php users cross site scripting

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /index.php?page=users. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References5
CVE
CVE
added 2026/05/08 3:45 a.m.15 views

CVE-2026-8136

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a cross-site scripting vulnerability in an unspecified part of /index.php?page=users. The issue arises from manipulating the Name parameter, allowing remote attacker input to be reflected and executed in the browser. Exploitation is ...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/08 3:30 a.m.12 views

EUVD-2026-28488

A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file postcomment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/08 3:30 a.m.9 views

EUVD-2026-28489

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
NVD
NVD
added 2026/05/08 3:16 a.m.18 views

CVE-2026-8126

A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file postcomment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

7.5CVSS0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 3:16 a.m.15 views

CVE-2026-8128

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/08 3:0 a.m.29 views

CVE-2026-8131 SourceCodester SUP Online Shopping replymsg.php sql injection

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS0.00318EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:0 a.m.11 views

CVE-2026-8131

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/08 3:0 a.m.13 views

CVE-2026-8131

SourceCodester SUP Online Shopping 1.0 contains a SQL injection in /admin/replymsg.php via the msgid parameter. The affected component is a server-side PHP script handling admin replies. Exploitation is remote and the vulnerability is evidenced by publicly released exploits; CVSS data indicate a ...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:45 a.m.6 views

CVE-2026-8130

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS7AI score0.00254EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/08 2:45 a.m.9 views

CVE-2026-8130 SourceCodester SUP Online Shopping message.php sql injection

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS7AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/08 2:45 a.m.31 views

CVE-2026-8130 SourceCodester SUP Online Shopping message.php sql injection

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS0.00254EPSS
Exploits0References5
Rows per page
Query Builder