Lucene search
K

2384 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from the handling of parameters fullname and username in the users.php componen...

5.3CVSS4.6AI score0.00388EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/08 12:0 a.m.12 views

EUVD-2026-35076

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.5AI score0.00529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.14 views

CVE-2026-11338

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.8AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.13 views

CVE-2026-10296

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.13 views

CVE-2026-36227

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS5.9AI score0.00866EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-10262

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.16 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS7AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.10 views

CVE-2026-8132

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS7.9AI score0.01633EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 4:15 p.m.10 views

CVE-2026-11338 SourceCodester Ship Ferry Ticket Reservation System manage_user cross site scripting

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.6AI score0.0021EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/05 4:15 p.m.13 views

EUVD-2026-34856

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.8AI score0.0021EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.9 views

SourceCodester Ship Ferry Ticket Reservation SQL注入漏洞

SourceCodester Ship Ferry Ticket Reservation is an open-source ticket reservation service developed by SourceCodester. Versions of SourceCodester Ship Ferry Ticket Reservation prior to 1.0 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of the Username...

7.5CVSS7.5AI score0.00328EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

SourceCodester Ship Ferry Ticket Reservation System 代码注入漏洞

The SourceCodester Ship Ferry Ticket Reservation System is an open-source booking system for ship tickets developed by SourceCodester. Version 1.0 of the SourceCodester Ship Ferry Ticket Reservation System has a code injection vulnerability. This vulnerability stems from improper handling of the...

4.8CVSS4.3AI score0.0021EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/04 11:45 p.m.39 views

CVE-2026-10877 SourceCodester Ship Ferry Ticket Reservation System Admin Login login.php sql injection

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed...

7.5CVSS0.00328EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:45 a.m.8 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/01 10:0 p.m.18 views

CVE-2026-10296

CVE-2026-10296 affects itsourcecode Fees Management System 1.0. The vulnerability concerns the /ajax.php file, where manipulation of the Username argument can lead to SQL injection. The attack can be performed remotely, and a publicly disclosed exploit exists. No remediation or patch details are ...

6.5CVSS5.6AI score0.0025EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 10:0 p.m.9 views

CVE-2026-10296 itsourcecode Fees Management System ajax.php sql injection

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 1:45 p.m.9 views

CVE-2026-10262

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/01 1:45 p.m.30 views

CVE-2026-10262 code-projects Real State Services Login loginuser.php sql injection

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 1:16 p.m.15 views

CVE-2026-10251

A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00263EPSS
Exploits0References6
Rows per page
Query Builder