Lucene search
K

533 matches found

CVE
CVE
added 2 hours ago4 views

CVE-2026-14689

A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apartmentno results in sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score
Exploits0References6
CVE
CVE
added yesterday5 views

CVE-2026-14640

CVE-2026-14640 describes a SQL injection in CodeAstro Apartment Visitor Management System 1.0. The vulnerability is in the Login component, specifically an unknown function in /index.php, where manipulating the Username argument can lead to remote exploitation. The exploit is publicly available a...

7.5CVSS6.8AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.8 views

CVE-2026-39111

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.8 views

CVE-2026-39112

Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject arbitrary JavaScript that is later executed when the malicious input is viewed in...

5.4CVSS5.6AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.11 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

9.4CVSS5.7AI score0.00325EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 6:31 p.m.4 views

EUVD-2026-23921

Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject arbitrary JavaScript that is later executed when the malicious input is viewed in...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 p.m.4 views

EUVD-2026-23920

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References4
NVD
NVD
added 2026/04/20 6:16 p.m.8 views

CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

8.2CVSS0.00295EPSS
Exploits0References3
NVD
NVD
added 2026/04/20 6:16 p.m.13 views

CVE-2026-39111

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

7.5CVSS0.00294EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/20 12:0 a.m.5 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

5.8AI score0.00325EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

PHPGurukul Apartment Visitors Management System 安全漏洞

PHPGurukul Apartment Visitors Management System is an apartment visitor management system developed by PHPGurukul Corporation. The PHPGurukul Apartment Visitors Management System V1.1 version has a security vulnerability. This vulnerability stems from an SQL injection issue with the username...

9.4CVSS5.9AI score0.00325EPSS
Exploits0References1
CVE
CVE
added 2026/04/20 12:0 a.m.9 views

CVE-2026-39111

CVE-2026-39111 concerns an SQL injection vulnerability in the Apartment Visitors Management System V1.1. The flaw is triggered in the forgot-password.php page via the email parameter, allowing an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data. The conn...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/20 12:0 a.m.5 views

CVE-2026-39111

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 12:0 a.m.7 views

CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

8.2CVSS5.8AI score0.00295EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.7 views

PT-2026-33818

Name of the Vulnerable Software and Affected Versions Apartment Visitors Management System version 1.1 Description An issue exists in the forgot password page 'forgot-password.php' where the email parameter is susceptible to SQL Injection. This allows an unauthenticated attacker to manipulate...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.5 views

PT-2026-33819

Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject arbitrary JavaScript that is later executed when the malicious input is viewed in...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References5
CVE
CVE
added 2026/04/20 12:0 a.m.9 views

CVE-2026-39110

The CVE-2026-39110 entry concerns the Apartment Visitors Management System (Version 1.1). A SQL Injection flaw exists in the forgot-password.php page, specifically in the contactno parameter, allowing an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

8.2CVSS5.8AI score0.00295EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/20 12:0 a.m.25 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

0.00325EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/20 12:0 a.m.3 views

CVE-2026-39112

Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject arbitrary JavaScript that is later executed when the malicious input is viewed in...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/20 12:0 a.m.3 views

CVE-2026-39112

Cross Site Scripting vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker can inject arbitrary JavaScript that is later executed when the malicious input is viewed in...

5.9AI score0.00165EPSS
Exploits0References3
Rows per page
Query Builder