Lucene search
K

660 matches found

Cvelist
Cvelist
added 2026/05/17 6:45 a.m.41 views

CVE-2026-8737 Sanluan PublicCMS Trade Address Query TradeAddressListDirective.java execute missing authentication

A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java of the component Trade Address Query Handler. Executing a manipulation of the argume...

6.9CVSS0.00403EPSS
Exploits0References4
CVE
CVE
added 2026/05/17 6:45 a.m.23 views

CVE-2026-8737

Sanluan PublicCMS 5.202506.d contains a vulnerability in the Trade Address Query Handler component. The issue is in publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java, where manipulating the arguments userId/id can bypass authentication. The flaw allo...

6.9CVSS5.6AI score0.00403EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.14 views

PT-2026-41345

PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login userid parameter of login.php that allows unauthenticated attackers to extract database contents. Attackers can submit crafted POST requests with SQL payloads using SLEEP functions or RLIKE...

8.8CVSS5.9AI score0.0027EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/10 6:23 p.m.5 views

CVE-2026-33703

Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the /social-network/personal-data/userId endpoint allows any authenticated user to access full personal data and API tokens of arbitrary users by modifying the userId...

7.1CVSS6AI score0.00174EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/09 3:31 a.m.7 views

EUVD-2026-20815

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

5.3CVSS4.5AI score0.00357EPSS
Exploits0References6
NVD
NVD
added 2026/04/09 1:16 a.m.9 views

CVE-2026-5825

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

5.3CVSS0.00357EPSS
Exploits0References5
NVD
NVD
added 2026/04/09 12:16 a.m.4 views

CVE-2026-5824

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed public...

7.5CVSS0.00318EPSS
Exploits0References5
CVE
CVE
added 2026/04/09 12:15 a.m.11 views

CVE-2026-5825

CVE-2026-5825 affects code-projects’ Simple Laundry System 1.0. The vulnerability lies in /.delmemberinfo.php, where manipulating the userid argument triggers cross-site scripting. Reported as exploitable remotely, with the exploit public. CVSS details in the provided metrics indicate network att...

5.3CVSS4.5AI score0.00357EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/09 12:15 a.m.4 views

CVE-2026-5825 code-projects Simple Laundry System delmemberinfo.php cross site scripting

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

5.3CVSS4.5AI score0.00357EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/09 12:15 a.m.32 views

CVE-2026-5825 code-projects Simple Laundry System delmemberinfo.php cross site scripting

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

5.3CVSS0.00357EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.5 views

PT-2026-31557

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

5.3CVSS4.5AI score0.00357EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.11 views

Code-Projects Simple Laundry System SQL注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a SQL...

7.5CVSS7.2AI score0.00318EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/08 11:45 p.m.1 views

CVE-2026-5824

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed public...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/08 11:45 p.m.34 views

CVE-2026-5824 code-projects Simple Laundry System userchecklogin.php sql injection

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed public...

7.5CVSS0.00318EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/08 11:45 p.m.3 views

EUVD-2026-20813

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed public...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References5
CVE
CVE
added 2026/04/08 11:45 p.m.10 views

CVE-2026-5824

The CVE-2026-5824 entry concerns code-projects Simple Laundry System 1.0. An SQL injection vulnerability exists in an unknown part of the file /userchecklogin.php, triggered by manipulating the userid argument. The issue is exploitable remotely and the exploit is publicly disclosed. No remediatio...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31556

Name of the Vulnerable Software and Affected Versions Simple Laundry System version 1.0 Description A security issue exists in code-projects Simple Laundry System 1.0. Manipulation of the userid argument in the /userchecklogin.php file can lead to SQL injection. This attack can be launched...

7.5CVSS7AI score0.00318EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/04/06 5:0 p.m.5 views

CVE-2026-5565

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.6 views

CVE-2026-5541

A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /modmemberinfo.php of the component Parameter Handler. Performing a manipulation of the argument userid results in cross site scripting. The attack may be initiated remotel...

5.3CVSS4.4AI score0.00284EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/05 12:0 p.m.4 views

CVE-2026-5565

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder