Lucene search
K

2384 matches found

Vulnrichment
Vulnrichment
added 2026/06/01 11:0 a.m.10 views

CVE-2026-10251 itsourcecode Online House Rental System ajax.php login sql injection

A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 6:16 a.m.21 views

CVE-2026-10225

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

7.5CVSS0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 4:45 a.m.12 views

CVE-2026-10225

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 12:30 a.m.42 views

CVE-2026-10208 code-projects Online Hospital Management System login_1.php login_user sql injection

A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function loginuser of the file login1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/01 12:30 a.m.13 views

EUVD-2026-33529

A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function loginuser of the file login1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.12 views

PT-2026-45400

A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS5.6AI score0.00263EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Code-Projects Real State Services SQL注入漏洞

Code-Projects Real State Services is an open-source real estate service developed by Code-Projects. Version 1.0 of Code-Projects Real State Services has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter “Username” in the “login” component’s file...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

itsourcecode Online House Rental System SQL注入漏洞

itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Username parameter in the...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

student_management_system_by_php SQL注入漏洞

studentmanagementsystembyphp is a student information management tool developed by Raisul Islam, based on PHP. studentmanagementsystembyphp has a SQL injection vulnerability, which stems from the incorrect handling of the Username parameter in the Login component of the logincheck.php file,...

7.5CVSS7.5AI score0.00263EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Bylancer Zechat SQL注入漏洞

Bylancer Zechat is a PHP instant messaging system developed by Bylancer Corporation, which supports real-time messages, group chat, and social interactions. Version 1.5 of Bylancer Zechat has a SQL injection vulnerability. This vulnerability arises from injecting SQL code via the uname parameter,...

8.8CVSS5.9AI score0.00334EPSS
Exploits0References4
CVE
CVE
added 2026/05/25 8:45 a.m.21 views

CVE-2026-9443

The CVE-2026-9443 vulnerability affects Edimax BR-6478AC 1.23, specifically the POST Request Handler’s formL2TPSetup function. Buffer overflow is triggered via manipulating the L2TPUserName argument in /goform/formL2TPSetup. Attack surface is network-exposed and low privileges are required, with ...

9CVSS7.8AI score0.00589EPSS
Exploits0References4
NVD
NVD
added 2026/05/24 2:16 p.m.20 views

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/24 1:15 p.m.11 views

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.8 views

itsourcecode Electronic Judging System SQL注入漏洞

itsourcecode Electronic Judging System is an open-source electronic referee system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System has a SQL injection vulnerability. This vulnerability stems from improper handling of the Username parameter in the file...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.19 views

PT-2026-42944

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/23 6:30 p.m.12 views

CVE-2018-25351

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS6.2AI score0.00358EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/23 6:30 p.m.40 views

CVE-2018-25351

CVE-2018-25351 affects Joomla! Component EkRishta 2.10. The connected documents describe an error-based SQL injection in the username parameter that allows unauthenticated attackers to execute arbitrary SQL queries by sending POST requests to the login endpoint, leaking database information inclu...

8.8CVSS6.2AI score0.00358EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/23 6:30 p.m.30 views

CVE-2018-25351 Joomla! Component EkRishta 2.10 SQL Injection via username

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS0.00358EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.15 views

PT-2026-42804

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS6.1AI score0.00866EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.7 views

CVE-2026-36227

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS6.1AI score0.00866EPSS
Exploits1References3
Rows per page
Query Builder