Lucene search
K

2213 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/01 7:45 a.m.9 views

CVE-2026-10237

A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the atta...

5.8CVSS5.6AI score0.00262EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/01 7:45 a.m.24 views

CVE-2026-10237

CVE-2026-10237 affects SourceCodester Water Billing Management System 1.0. The vulnerability is an SQL injection in the User Management Module, exploitable by manipulating the ID argument in the /admin/?page=user/manage_user endpoint. The issue is remote and can be exploited with the exploit publ...

5.8CVSS5.6AI score0.00262EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:30 a.m.10 views

CVE-2026-10236

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/01 7:30 a.m.43 views

CVE-2026-10236 SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...

7.5CVSS0.00371EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 7:30 a.m.9 views

CVE-2026-10236 SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 7:30 a.m.14 views

EUVD-2026-33579

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 7:30 a.m.26 views

CVE-2026-10236

Technical details about CVE-2026-10236 are not publicly available in the provided documents. Monitor for updates from authoritative sources for affected components, vulnerable files, and remediation steps.

7.5CVSS6.7AI score0.00371EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.20 views

PT-2026-45346

Name of the Vulnerable Software and Affected Versions SourceCodester Water Billing Management System version 1.0 Description Improper authorization occurs due to the processing of the '/classes/Users.php?f=save' endpoint within the User Management Endpoint component. This issue allows a remote...

7.5CVSS7.1AI score0.00371EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.18 views

PT-2026-45347

A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the...

5.8CVSS5.6AI score0.00262EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

SourceCodester Water Billing Management System 授权问题漏洞

The SourceCodester Water Billing Management System is an open-source water billing management system developed by SourceCodester. Version 1.0 of the SourceCodester Water Billing Management System has a vulnerability related to authorization issues. This vulnerability stems from a problem with the...

7.5CVSS7.3AI score0.00371EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

SourceCodester Water Billing Management System SQL注入漏洞

The SourceCodester Water Billing Management System is an open-source water billing management system developed by SourceCodester. Version 1.0 of the SourceCodester Water Billing Management System contains a SQL injection vulnerability. This vulnerability stems from incorrect parameter handling in...

5.8CVSS5.2AI score0.00262EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/29 2:46 p.m.12 views

EUVD-2018-21919

PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administrative users by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that automatically submits POST...

6.9CVSS5.7AI score0.00162EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 6:16 p.m.18 views

CVE-2026-46425

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

9.9CVSS0.00286EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:6 p.m.10 views

CVE-2026-46425 Budibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant users

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

9.9CVSS5.8AI score0.00286EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:6 p.m.8 views

CVE-2026-46425

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM checks the Enterprise feature flag and SCIM config and doInScimContext sets the SCIM request context. There is no role check...

9.9CVSS5.8AI score0.00286EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-9409

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/26 6:16 p.m.15 views

PYSEC-2026-167

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.7, an organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. This is due to incorrect ACL o...

7.2CVSS5.8AI score0.00316EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/25 2:16 a.m.13 views

CVE-2026-9409

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

5.3CVSS0.00198EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/25 12:15 a.m.9 views

CVE-2026-9409 Sushmi-pal Invoice-System User Management user improper authorization

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References4
CVE
CVE
added 2026/05/25 12:15 a.m.27 views

CVE-2026-9409

Sushmi-pal Invoice-System contains a flaw in the User Management Handler, affecting an unknown portion of the /user file. Manipulation of the role argument allows improper authorization, enabling a remote attack. The exploit has been published, and the product uses a rolling release with no versi...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References4
Rows per page
Query Builder