CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

362 matches found

Company Visitor Management System 1.0 - SQL Injection

Company Visitor Management System 1.0 contains a SQL injection vulnerability via the login page in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id...

9.8CVSS7.2AI score0.04724EPSS

Exploits1References3

RedhatCVE•added 3 days ago•9 views

CVE-2026-10170

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may be...

6.5CVSS5.7AI score0.00028EPSS

Exploits0References1

NVD•added 5 days ago•12 views

CVE-2026-10170

6.5CVSS0.00028EPSS

Exploits0References5

CVE•added 5 days ago•13 views

CVE-2026-10170

The CVE-2026-10170 entry affects code-projects Visitor Management System 1.0. A SQL injection vulnerability is present in /vms/php/phone_0.php via the phone parameter. The issue is remotely triggerable and an exploit has been published, indicating potential real-world use. The bundled metrics ind...

6.5CVSS5.7AI score0.00028EPSS

Exploits0References5

Vulnrichment•added 5 days ago•4 views

CVE-2026-10170 code-projects Visitor Management System phone_0.php sql injection

6.5CVSS6.5AI score0.00028EPSS

Exploits0References5

EUVD•added 5 days ago•8 views

EUVD-2026-33490

6.5CVSS6.5AI score0.00028EPSS

Exploits0References5

ATTACKERKB•added 5 days ago•7 views

CVE-2026-10170

6.5CVSS5.7AI score0.00028EPSS

Exploits0References5Affected Software1

Cvelist•added 5 days ago•27 views

CVE-2026-10170 code-projects Visitor Management System phone_0.php sql injection

6.5CVSS0.00028EPSS

Exploits0References5

Positive Technologies•added 5 days ago•6 views

PT-2026-45173

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone 0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may b...

6.5CVSS6.5AI score0.00028EPSS

Exploits0References5

CNNVD•added 5 days ago•5 views

Code-Projects Visitor Management System SQL注入漏洞

The Code-Projects Visitor Management System is an open-source visitor management system developed by Code-Projects. Version 1.0 of the code-projects Visitor Management System has a SQL injection vulnerability. This vulnerability arises from the parameter handling in the file/vms/php/phone0.php,...

6.5CVSS6.6AI score0.00028EPSS

Exploits0References5

EUVD•added 2026/04/21 6:31 p.m.•2 views

EUVD-2026-24139

Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/adminuserinsert.php and vms/php/update1.php. The moveuploadedfile function is called without any MIME type, extension, or content validation, allowing an authenticated admin to upload a PHP webshell a...

7.2CVSS5.9AI score0.00144EPSS

Exploits1References3

NVD•added 2026/04/21 4:16 p.m.•2 views

CVE-2026-37748

7.2CVSS0.00144EPSS

Exploits1References2

CNNVD•added 2026/04/21 12:0 a.m.•4 views

Visitor Management System 安全漏洞

The Visitor Management System is a system for managing visitors. Version 1.0 of the Visitor Management System has security vulnerabilities. These vulnerabilities stem from the lack of validation in the upload functions of the vms/php/adminuserinsert.php and vms/php/update1.php files, which may le...

7.2CVSS6.1AI score0.00144EPSS

Exploits1References1

Vulnrichment•added 2026/04/21 12:0 a.m.•3 views

CVE-2026-37748

5.9AI score0.00144EPSS

Exploits1References2

Cvelist•added 2026/04/21 12:0 a.m.•27 views

CVE-2026-37748

0.00144EPSS

Exploits1References2

ATTACKERKB•added 2026/04/21 12:0 a.m.•1 views

CVE-2026-37748

5.9AI score0.00144EPSS

Exploits1References3

CVE•added 2026/04/21 12:0 a.m.•2 views

CVE-2026-37748

CVE-2026-37748 affects Visitor Management System 1.0 by sanjay1313. The vulnerability is an Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php, where move_uploaded_file() runs without MIME type, extension, or content validation. This allows an authenticated admin t...

7.2CVSS5.9AI score0.00144EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2026/04/21 12:0 a.m.•1 views

PT-2026-33995

Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/admin user insert.php and vms/php/update 1.php. The move uploaded file function is called without any MIME type, extension, or content validation, allowing an authenticated admin to upload a PHP...

5.9AI score0.00144EPSS

Exploits1References3

Cvelist•added 2026/04/20 12:0 a.m.•27 views

CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

0.00279EPSS

Exploits0References3

CNNVD•added 2026/04/20 12:0 a.m.•5 views

PHPGurukul Apartment Visitors Management System 安全漏洞

PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. Version V1.1 of the PHPGurukul Apartment Visitors Management System contains a security vulnerability. This vulnerability stems from an SQL injection issue with the email...

7.5CVSS5.9AI score0.00097EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by