Lucene search
K

87127 matches found

NVD
NVD
added 2026/04/06 10:16 a.m.5 views

CVE-2026-5643

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 9:45 a.m.31 views

CVE-2026-5643 Cyber-III Student-Management-System Admin Add Endpoint notice.php cross site scripting

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS0.00206EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/06 9:45 a.m.2 views

CVE-2026-5643 Cyber-III Student-Management-System Admin Add Endpoint notice.php cross site scripting

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS4.3AI score0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 9:45 a.m.11 views

CVE-2026-5643

The CVE-2026-5643 entry concerns Cyber-III Student-Management-System (up to build 1a938fa61e9f735078e9b291d2e6215b4942af3f) where an attacker can manipulate the argument $_SERVER['PHP_SELF'] in /admin/Add notice/notice.php (Admin Add Endpoint) to trigger cross-site scripting. The vulnerability is...

4.8CVSS4.3AI score0.00206EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:45 a.m.6 views

CVE-2026-5643

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS4.3AI score0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/06 9:31 a.m.3 views

EUVD-2026-19203

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References5
NVD
NVD
added 2026/04/06 9:16 a.m.8 views

CVE-2026-5639

A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The...

6.5CVSS0.00246EPSS
Exploits0References5
NVD
NVD
added 2026/04/06 9:16 a.m.12 views

CVE-2026-5640

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:15 a.m.2 views

CVE-2026-5641

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/06 9:15 a.m.9 views

CVE-2026-5641

The CVE-2026-5641 issue affects PHPGurukul Online Shopping Portal Project 2.1, specifically the /admin/update-image1.php file in the Parameter Handler. The vulnerability arises from manipulating the filename argument, leading to SQL injection. It can be exploited remotely, and the exploit has bee...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 9:0 a.m.16 views

CVE-2026-5640

The CVE-2026-5640 entry concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerability is an SQL injection in an unknown function within /admin/update-image2.php of the Parameter Handler, triggered by manipulating the filename argument. It is described as remotely exploitable and publi...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:0 a.m.6 views

CVE-2026-5640

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 8:45 a.m.1 views

CVE-2026-5639 PHPGurukul Online Shopping Portal Project Parameter update-image3.php sql injection

A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 8:45 a.m.7 views

CVE-2026-5639

PHPGurukul Online Shopping Portal Project 2.1 has a SQL injection flaw in the Parameter Handler’s /admin/update-image3.php. The vulnerability arises from manipulating the filename argument, enabling remote exploitation. Exploit published; CVSS notes range from 4.0 to 3.0 scales with PROOF-OF-CONC...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 8:15 a.m.27 views

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS0.00259EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/06 2:26 a.m.6 views

kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain()

A flaw was found in the Linux kernel. A local attacker with CAPNETADMIN capabilities, or remote packet traffic, could exploit a use-after-free vulnerability in the nftablesaddchain function's error handling. Successful exploitation could lead to a kernel crash, resulting in a Denial of Service Do...

7.8CVSS5.9AI score0.00812EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/06 2:1 a.m.5 views

kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain()

A flaw was found in the Linux kernel. A local attacker with CAPNETADMIN capabilities, or remote packet traffic, could exploit a use-after-free vulnerability in the nftablesaddchain function's error handling. Successful exploitation could lead to a kernel crash, resulting in a Denial of Service Do...

7.8CVSS5.9AI score0.00812EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.3 views

PT-2026-30590

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection. The attack may be performed from...

6.5CVSS5.6AI score0.00196EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Student-Management-System 代码注入漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. Versions of Student-Management-System 1a938fa61e9f735078e9b291d2e6215b4942af3f and earlier have a code injection vulnerability. This vulnerability stems from incorrect handling of the...

4.8CVSS5.7AI score0.00206EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.8 views

PHPGurukul Online Shopping Portal Project SQL注入漏洞

The PHPGurukul Online Shopping Portal Project is an online shopping portal project developed by PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter filename ...

6.5CVSS6.7AI score0.00192EPSS
Exploits0References5
Rows per page
Query Builder