Lucene search
K

2632 matches found

EUVD
EUVD
added yesterday11 views

EUVD-2026-43253

A vulnerability was identified in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file \pig-master\pig-visual\pig-codegen\src\main\java\com\pig4cloud\pig\codegen\service\impl\GeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to...

6.5CVSS6.3AI score0.00376EPSS
Exploits0References6
EUVD
EUVD
added yesterday8 views

EUVD-2026-43259

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx. This manipulation of the argument httpOID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago11 views

CVE-2026-15514 Metasoft 美特软件 MetaCRM PHPRPC Remote Call rpc.jsp RPCService.query sql injection

A weakness has been identified in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This vulnerability affects the function RPCService.query of the file /customizemt/xkq/rpc.jsp of the component PHPRPC Remote Call Interface. Executing a manipulation of the argument phprpcargs can lead to sql injection. T...

7.5CVSS0.00254EPSS
Exploits0References5
CVE
CVE
added 2 days ago14 views

CVE-2026-15509

Leantime up to 3.8.0 is affected by a vulnerability in the JSON-RPC Endpoint functions editUser/addUser where manipulating the role argument leads to improper authorization. The issue is exploitable remotely and has been publicly disclosed; vendor response was not provided. Affected impact includ...

6.5CVSS6.2AI score0.00333EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-43246

A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument pmetaData causes cross site scripting. The attack may be initiated remotely. The vendo...

5.1CVSS4.6AI score0.00195EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-43222

A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function getonlineplugins of the file astrbot/dashboard/routes/plugin.py of the component marketlist Endpoint. Executing a manipulation of the argument customregistry can lead to server-side...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43219

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS6.6AI score0.00394EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43218

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-15496 SonicCloudOrg sonic-agent Groovy Script GroovyScriptImpl.java evalIsFailed os command injection

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS0.01158EPSS
Exploits0References5
CVE
CVE
added 2 days ago11 views

CVE-2026-15495

The vulnerability CVE-2026-15495 affects SonicCloudOrg sonic-agent up to version 2.7.2, specifically in the Android WebSocket Server component’s AndroidWSServer.java. The issue arises from manipulating the path argument, causing os command injection. It is remotely exploitable and has public disc...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6
NVD
NVD
added 2 days ago8 views

CVE-2026-15491

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS0.00627EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43213

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS6.7AI score0.00627EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43212

A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kodeproduk/kdcs results in sql injection. The attack can be executed...

7.5CVSS6.7AI score0.00393EPSS
Exploits0References4
NVD
NVD
added 2 days ago8 views

CVE-2026-15482

A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestaoloja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...

7.5CVSS0.00254EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43204

A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestaoloja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...

7.5CVSS5.9AI score0.00254EPSS
Exploits0References4
NVD
NVD
added 2 days ago10 views

CVE-2026-15474

A security flaw has been discovered in Eleveo Call Recording Software 9.7.0. Impacted is an unknown function of the file /callrec/audio.jsp of the component Call Recording Handler. The manipulation of the argument callId results in improper authorization. The attack may be performed from remote...

5.3CVSS0.00207EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43194

A vulnerability was determined in Eleveo Call Recording Software 9.7.0. This vulnerability affects unknown code of the file /callrec/composeEmailAction.do. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been publicly disclosed and...

5.3CVSS5.9AI score0.00207EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43193

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pcidssstatus.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Th...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References5
CVE
CVE
added 4 days ago7 views

CVE-2026-2397

CVE-2026-2397 describes an SQL injection in Adam Retail Automation Ltd.’s MobilMen 20T. Affected: MobilMen 20T from version v3 through 10072026. Root cause: improper neutralization of special elements used in an SQL command. Impact is high across confidentiality, integrity, and availability (CVSS...

9.8CVSS6.1AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-2397 SQLi in AdamPOS' MobilMen 20T

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows SQL Injection. This issue affects MobilMen 20T: from v3 through 10072026. NOTE: The vendor was contacted early about this disclosure but did not...

9.8CVSS0.00265EPSS
Exploits0References1
Rows per page
Query Builder