Lucene search
+L

2705 matches found

EUVD
EUVD
added 2026/06/01 8:0 p.m.15 views

EUVD-2026-33762

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function passwordverify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launch...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 8:0 p.m.40 views

CVE-2026-10288

The vulnerability affects code-projects Hotel and Tourism Reservation System 1.0 (Admin Login component). The issue lies in the function password_verify in /admin/login.php, where manipulation of the Password argument leads to improper authentication. It is exploitable remotely, and a publicly av...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Code-Projects Hotel and Tourism Reservation System 授权问题漏洞

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a vulnerability related to authorization issues. This vulnerability stems from incorrect...

7.5CVSS7.3AI score0.00496EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.30 views

PT-2026-45553

A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is possible to launc...

7.5CVSS5.6AI score0.00496EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/29 4:13 p.m.16 views

CVE-2026-45631

Dokploy is a free, self-hostable Platform as a Service PaaS. From 0.27.0 to before 0.29.3, a hardcoded BETTERAUTHSECRET fallback "better-auth-secret-123456789" lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute commands on the host via the...

10CVSS5.9AI score0.00351EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Dokploy 信任管理问题漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy from 0.27.0 to 0.29.3 had a security vulnerability related to trust management. This vulnerability stemmed from a hardcoded BETTERAUTHSECRET fallback value, which allowed unauthorized attackers to forge email-base...

10CVSS5.9AI score0.00351EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:42 p.m.42 views

CVE-2026-35090 Authentication Bypass in Slican telephone exchanges

In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel...

9.3CVSS0.00625EPSS
Exploits0References1
NVD
NVD
added 2026/05/24 2:16 p.m.22 views

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/24 1:15 p.m.14 views

EUVD-2026-31595

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/24 1:15 p.m.10 views

CVE-2026-9383 itsourcecode Electronic Judging System login.php sql injection

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS5.5AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.26 views

PT-2026-42944

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/05/15 10:16 p.m.32 views

CVE-2026-45351

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

6.5CVSS0.00281EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:9 p.m.7 views

CVE-2026-45351

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.8 views

CVE-2026-44183

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the client IP. That entr...

9.8CVSS5.8AI score0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:22 p.m.8 views

CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number

Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/13 2:22 p.m.33 views

CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number

Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...

8.7CVSS0.00356EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.14 views

PT-2026-40330

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the client IP. That entr...

9.8CVSS5.8AI score0.00222EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 6:32 a.m.12 views

EUVD-2024-31033

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

7.3CVSS5.9AI score0.0081EPSS
Exploits3References3
NVD
NVD
added 2026/05/08 6:16 a.m.23 views

CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

7.3CVSS0.0081EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.45 views

CVE-2024-33288

Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page...

0.0081EPSS
Exploits3References2
Rows per page
Query Builder