Lucene search
K

2697 matches found

CVE
CVE
added 2026/06/04 11:45 p.m.20 views

CVE-2026-10877

CVE-2026-10877 concerns SourceCodester Ship Ferry Ticket Reservation System (up to 1.0) with an issue in the Admin Login component. The vulnerability resides in the /admin/login.php handling of the Username argument, enabling a SQL injection. The flaw is exploitable remotely, and the exploit has ...

7.5CVSS6.8AI score0.00328EPSS
Exploits0References6
NVD
NVD
added 2026/06/04 6:16 p.m.13 views

CVE-2026-10880

OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticated remote attacker to bypass authentication and log in as an administrator without supplying a val...

9.8CVSS0.00436EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 5:19 p.m.7 views

CVE-2026-10880

OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticated remote attacker to bypass authentication and log in as an administrator without supplying a val...

9.8CVSS5.9AI score0.00436EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.13 views

PT-2026-46837

Name of the Vulnerable Software and Affected Versions SourceCodester Ship Ferry Ticket Reservation System versions prior to 1.1 Description An issue exists in the Admin Login component within the '/admin/login.php' endpoint. Remote manipulation of the Username argument allows for SQL injection, a...

7.5CVSS7.1AI score0.00328EPSS
Exploits0References10
NVD
NVD
added 2026/06/03 2:16 a.m.12 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS0.00281EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:45 a.m.8 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/03 12:45 a.m.7 views

CVE-2026-10704 SourceCodester Pizzafy E-Commerce System Administrative Control Panel admin_class_novo.php login sql injection

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/03 12:45 a.m.14 views

EUVD-2026-34063

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS5.7AI score0.00281EPSS
Exploits0References6
CVE
CVE
added 2026/06/03 12:45 a.m.19 views

CVE-2026-10704

CVE-2026-10704 affects SourceCodester Pizzafy E-Commerce System 1.0. The vulnerability is in the Login function of /admin/admin_class_novo.php, where manipulating the Username parameter yields a SQL injection. The issue can be exploited remotely and the exploit is public. CVSS details indicate a ...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

SourceCodester Pizzafy E-Commerce System SQL注入漏洞

SourceCodester Pizzafy E-Commerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy E-Commerce System has a SQL injection vulnerability. This vulnerability stems from the function Login in the Administrative Control Panel component...

7.5CVSS7.5AI score0.00281EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 9:16 p.m.19 views

CVE-2026-10288

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS0.00496EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:0 p.m.10 views

CVE-2026-10288

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/01 8:0 p.m.13 views

EUVD-2026-33762

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 8:0 p.m.11 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS6.9AI score0.00496EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 8:0 p.m.29 views

CVE-2026-10288 code-projects Hotel and Tourism Reservation System Admin Login login.php password_verify improper authentication

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS0.00496EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 8:0 p.m.35 views

CVE-2026-10288

The vulnerability affects code-projects Hotel and Tourism Reservation System 1.0 (Admin Login component). The issue lies in the function password_verify in /admin/login.php, where manipulation of the Password argument leads to improper authentication. It is exploitable remotely, and a publicly av...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45553

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launc...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Code-Projects Hotel and Tourism Reservation System 授权问题漏洞

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a vulnerability related to authorization issues. This vulnerability stems from incorrect...

7.5CVSS7.3AI score0.00496EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/29 4:13 p.m.13 views

CVE-2026-45631

Dokploy is a free, self-hostable Platform as a Service PaaS. From 0.27.0 to before 0.29.3, a hardcoded BETTERAUTHSECRET fallback "better-auth-secret-123456789" lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute commands on the host via the...

10CVSS5.9AI score0.00351EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

Dokploy 信任管理问题漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy from 0.27.0 to 0.29.3 had a security vulnerability related to trust management. This vulnerability stemmed from a hardcoded BETTERAUTHSECRET fallback value, which allowed unauthorized attackers to forge email-base...

10CVSS5.9AI score0.00351EPSS
Exploits0References3
Rows per page
Query Builder