Lucene search
K

2396 matches found

CVE
CVE
added 2026/06/08 4:30 a.m.29 views

CVE-2026-11488

The CVE-2026-11488 entry concerns code-projects Simple Flight Ticket Booking System 1.0. It identifies a SQL injection in the POST Parameter Handler, specifically in checkUser.php via the Username argument. Impact is limited to confidentiality and integrity with a low severity in CVSS metrics, an...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/08 4:30 a.m.9 views

CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47250

Name of the Vulnerable Software and Affected Versions Simple Flight Ticket Booking System version 1.0 Description An issue exists in the POST Parameter Handler component within the checkUser.php file. Remote manipulation of the Username parameter allows for SQL injection, a technique where...

7.5CVSS7.4AI score0.00275EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.13 views

CodeAstro Student Attendance Management System 注入漏洞

The CodeAstro Student Attendance Management System is a student attendance management system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Student Attendance Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from the handling of parameters fullname and username in the users.php componen...

5.3CVSS4.6AI score0.00388EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/08 12:0 a.m.12 views

EUVD-2026-35076

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.5AI score0.00529EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 12:0 a.m.8 views

CVE-2026-36789

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.5AI score0.00529EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Code-Projects Simple Flight Ticket Booking System 注入漏洞

Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a vulnerability due to incorrect handling of the Username parameter in the POST Parameter Handler...

7.5CVSS7.5AI score0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47443

A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has bee...

7.5CVSS7AI score0.00269EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.14 views

CVE-2026-11338

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.8AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.13 views

CVE-2026-10296

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.13 views

CVE-2026-36227

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS5.9AI score0.00866EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.24 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS7AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-10262

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.10 views

CVE-2026-8132

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS7.9AI score0.01633EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 4:15 p.m.10 views

CVE-2026-11338 SourceCodester Ship Ferry Ticket Reservation System manage_user cross site scripting

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.6AI score0.0021EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/05 4:15 p.m.13 views

EUVD-2026-34856

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.8AI score0.0021EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

SourceCodester Ship Ferry Ticket Reservation SQL注入漏洞

SourceCodester Ship Ferry Ticket Reservation is an open-source ticket reservation service developed by SourceCodester. Versions of SourceCodester Ship Ferry Ticket Reservation prior to 1.0 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of the Username...

7.5CVSS7.5AI score0.00328EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.14 views

SourceCodester Ship Ferry Ticket Reservation System 代码注入漏洞

The SourceCodester Ship Ferry Ticket Reservation System is an open-source booking system for ship tickets developed by SourceCodester. Version 1.0 of the SourceCodester Ship Ferry Ticket Reservation System has a code injection vulnerability. This vulnerability stems from improper handling of the...

4.8CVSS4.3AI score0.0021EPSS
Exploits0References7
Rows per page
Query Builder