Lucene search
K

2390 matches found

NVD
NVD
added 2026/04/17 3:16 p.m.10 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

9.8CVSS0.00677EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/17 12:0 a.m.30 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

0.00677EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/17 12:0 a.m.4 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

5.9AI score0.00677EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

CodeAstro Simple Attendance Management System 安全漏洞

CodeAstro Simple Attendance Management System is a simple attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Simple Attendance Management System has a security vulnerability. This vulnerability stems from the SQL injection vulnerability in the username parameter...

9.8CVSS5.9AI score0.00677EPSS
Exploits1References1
CVE
CVE
added 2026/04/17 12:0 a.m.24 views

CVE-2026-37749

CodeAstro Simple Attendance Management System v1.0 is affected by a SQL injection in index.php via the username parameter, enabling remote unauthenticated attackers to bypass login and gain admin access. Root cause: direct interpolation of user input into the SQL query without proper escaping or ...

9.8CVSS5.9AI score0.00677EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.8 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/13 6:30 p.m.4 views

EUVD-2026-22016

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References6
NVD
NVD
added 2026/04/13 5:16 p.m.7 views

CVE-2026-6189

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS0.00268EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 4:0 p.m.2 views

CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

SourceCodester Pharmacy Sales and Inventory System SQL注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect...

7.5CVSS7.2AI score0.00268EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/10 3:31 p.m.6 views

EUVD-2026-21386

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 3:16 p.m.8 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

9.8CVSS0.00319EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 12:0 a.m.6 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 12:0 a.m.34 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.14 views

PT-2026-31927

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References2
CVE
CVE
added 2026/04/10 12:0 a.m.12 views

CVE-2026-29861

CVE-2026-29861 affects PHP-MYSQL-User-Login-System v1.0, with a SQL injection vulnerability in login.php via the username parameter. The root cause is unsafely constructed SQL queries that incorporate unvalidated user input, leading to potential unauthorized disclosure/integrity impact and possib...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

PHP MySQL User Signup Login System 安全漏洞

PHP MySQL User Signup Login System is a MySQL registration and login system developed by Keerti Vishwkarma. Version 1.0 of the PHP MySQL User Signup Login System has a security vulnerability. This vulnerability stems from a flaw in the username parameter used in the login.php file, which may lead...

9.8CVSS5.8AI score0.00319EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/09 6:30 a.m.5 views

EUVD-2026-20849

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/09 4:0 a.m.5 views

CVE-2026-5840 PHPGurukul News Portal Project check_availability.php sql injection

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/09 4:0 a.m.3 views

CVE-2026-5840

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder