528 matches found
CVE-2026-6207
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
EUVD-2026-34841
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-6209
...
CVE-2026-6208
CVE-2026-6208 entry is rejected/not used and does not represent an active vulnerability.
CVE-2026-6208
...
EUVD-2026-34836
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-6207
CVE-2026-6207 is rejected and not an active vulnerability entry.
CVE-2026-6207
...
PT-2026-46966
Authorization bypass through User-Controlled key vulnerability in HAVELSAN Inc. Geographic Tracking System allows Exploitation of Trusted Identifiers. This issue affects Geographic Tracking System: before v0.0.2...
PT-2026-46965
Observable response discrepancy vulnerability in HAVELSAN Inc. Geographic Tracking System allows System Footprinting. This issue affects Geographic Tracking System: before v0.0.2...
PT-2026-46967
Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Geographic Tracking System: before v0.0.2...
EUVD-2026-22032
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may...
CVE-2026-6193
PHPGurukul Daily Expense Tracking System 1.1 has an SQL injection in an unknown function of /register.php triggered by manipulating the email parameter. The issue can be exploited remotely, and public exploits exist. The CVSS data indicates Network attack vector, low attack complexity, no privile...
EUVD-2018-21645
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25192
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25161
Warranty Tracking System 11.06.3 contains an SQL injection vulnerability that allows attackers to execute arbitrary SQL queries by injecting malicious code through the txtCustomerCode, txtCustomerName, and txtPhone POST parameters in SearchCustomer.php. Attackers can submit crafted SQL statements...
CVE-2018-25192
GPS Tracking System 2.12 is vulnerable to SQL injection via the username parameter in login.php, allowing unauthenticated bypass of authentication. The underlying issue is a SQL injection in the login flow, enabling attackers to gain unauthorized access without valid credentials. Reported impact ...
CVE-2018-25192 GPS Tracking System 2.12 SQL Injection via username Parameter
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25192 GPS Tracking System 2.12 SQL Injection via username Parameter
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username...
CVE-2018-25161 Warranty Tracking System 11.06.3 SQL Injection via SearchCustomer.php
Warranty Tracking System 11.06.3 contains an SQL injection vulnerability that allows attackers to execute arbitrary SQL queries by injecting malicious code through the txtCustomerCode, txtCustomerName, and txtPhone POST parameters in SearchCustomer.php. Attackers can submit crafted SQL statements...