Lucene search
K

2388 matches found

Vulnrichment
Vulnrichment
added 2026/04/17 12:0 a.m.4 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

5.9AI score0.00677EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

CodeAstro Simple Attendance Management System 安全漏洞

CodeAstro Simple Attendance Management System is a simple attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Simple Attendance Management System has a security vulnerability. This vulnerability stems from the SQL injection vulnerability in the username parameter...

9.8CVSS5.9AI score0.00677EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/17 12:0 a.m.30 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

0.00677EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.8 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/13 6:30 p.m.4 views

EUVD-2026-22016

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References6
NVD
NVD
added 2026/04/13 5:16 p.m.6 views

CVE-2026-6189

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS0.00268EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 4:0 p.m.2 views

CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

SourceCodester Pharmacy Sales and Inventory System SQL注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect...

7.5CVSS7.2AI score0.00268EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/10 3:31 p.m.6 views

EUVD-2026-21386

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 3:16 p.m.8 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

9.8CVSS0.00319EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 12:0 a.m.6 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.14 views

PT-2026-31927

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References2
CVE
CVE
added 2026/04/10 12:0 a.m.12 views

CVE-2026-29861

CVE-2026-29861 affects PHP-MYSQL-User-Login-System v1.0, with a SQL injection vulnerability in login.php via the username parameter. The root cause is unsafely constructed SQL queries that incorporate unvalidated user input, leading to potential unauthorized disclosure/integrity impact and possib...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

PHP MySQL User Signup Login System 安全漏洞

PHP MySQL User Signup Login System is a MySQL registration and login system developed by Keerti Vishwkarma. Version 1.0 of the PHP MySQL User Signup Login System has a security vulnerability. This vulnerability stems from a flaw in the username parameter used in the login.php file, which may lead...

9.8CVSS5.8AI score0.00319EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/10 12:0 a.m.34 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

0.00319EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/09 6:30 a.m.5 views

EUVD-2026-20849

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/09 4:0 a.m.3 views

CVE-2026-5840

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 4:0 a.m.5 views

CVE-2026-5840 PHPGurukul News Portal Project check_availability.php sql injection

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.10 views

PHPGurukul News Portal Project SQL注入漏洞

PHPGurukul News Portal Project is a news portal project of PHPGurukul Corporation. Version 4.1 of the PHPGurukul News Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter Username in the file admin/checkavailability.php, which may le...

5.8CVSS5.8AI score0.00202EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/08 7:34 p.m.3 views

CVE-2026-39344

ChurchCRM is an open-source church management system. Prior to 7.1.0, there is a Reflected Cross-Site Scripting XSS vulnerability on the login page, which is caused by the lack of sanitization or encoding of the username parameter received from the URL. The username parameter value is directly...

8.1CVSS5.9AI score0.00256EPSS
Exploits0References1
Rows per page
Query Builder