3349 matches found
EUVD-2024-55672
HCL Aftermarket EPC is vulnerable to attack as cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function...
metasploitable-vulnerability-mapping-with-nmap
Metasploitable Vulnerability Assessment Network Enumeration...
CVE-2026-14658
A vulnerability was detected in code-projects Assessment Management 1.0. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange results in sql injection. It is possible to launch the attack remotely. The exploit is now public...
CVE-2026-14655
A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argument User can lead to cross site scripting. The attack may be performed from remote. The exploit ha...
CVE-2026-14657
A flaw has been found in code-projects Assessment Management 1.0. This issue affects some unknown processing of the file /lecturer/marking-scheme.php of the component Database Query Handler. This manipulation of the argument squestions causes sql injection. The attack can be initiated remotely. T...
CVE-2026-14656
A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2026-14658
The CVE-2026-14658 issue affects code-projects Assessment Management 1.0, specifically the file /lecturer/marking-scheme.php. The vulnerability is an SQL injection caused by manipulating the parameter smarksrange[]; it enables remote exploitation. Public exploit information is noted in the descri...
CVE-2026-14658 code-projects Assessment Management marking-scheme.php sql injection
A vulnerability was detected in code-projects Assessment Management 1.0. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange results in sql injection. It is possible to launch the attack remotely. The exploit is now public...
CVE-2026-14657
CVE-2026-14657 describes a SQL injection flaw in the code-projects Assessment Management 1.0, affecting the Database Query Handler. The vulnerability arises from how the argument squestions[] is processed in the file /lecturer/marking-scheme.php, enabling remote exploitation. The exploit is publi...
CVE-2026-14657 code-projects Assessment Management Database Query marking-scheme.php sql injection
A flaw has been found in code-projects Assessment Management 1.0. This issue affects some unknown processing of the file /lecturer/marking-scheme.php of the component Database Query Handler. This manipulation of the argument squestions causes sql injection. The attack can be initiated remotely. T...
CVE-2026-14657
A flaw has been found in code-projects Assessment Management 1.0. This issue affects some unknown processing of the file /lecturer/marking-scheme.php of the component Database Query Handler. This manipulation of the argument squestions causes sql injection. The attack can be initiated remotely. T...
CVE-2026-14656 code-projects Assessment Management remove-user.php cross site scripting
A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2026-14656
A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed...
CVE-2026-14656
CVE-2026-14656 affects code-projects Assessment Management 1.0, with a vulnerability in an unspecified part of /admin/remove-user.php where manipulating the ID parameter enables cross-site scripting. The issue is exploitable remotely and the exploit has been publicly disclosed. CVSS metrics indic...
CVE-2026-14655
A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argument User can lead to cross site scripting. The attack may be performed from remote. The exploit ha...
CVE-2026-14655
CVE-2026-14655 affects code-projects Assessment Management 1.0. The vulnerability is in an unknown functionality of the file admin/view-users.php , where manipulating the argument User can lead to cross-site scripting (XSS) . The attack is described as possible to be performed from remote, with a...
CVE-2026-14655 code-projects Assessment Management view-users.php cross site scripting
A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argument User can lead to cross site scripting. The attack may be performed from remote. The exploit ha...
PT-2026-55736
Name of the Vulnerable Software and Affected Versions code-projects Assessment Management version 1.0 Description Cross site scripting occurs due to the manipulation of the ID argument within the '/admin/remove-user.php' endpoint. This issue allows a remote attacker to execute malicious scripts i...
PT-2026-55738
Name of the Vulnerable Software and Affected Versions code-projects Assessment Management version 1.0 Description An issue exists in the /lecturer/marking-scheme.php file where improper handling of the smarksrange variable allows for remote SQL injection. SQL injection is a technique where an...
PT-2026-55737
Name of the Vulnerable Software and Affected Versions code-projects Assessment Management version 1.0 Description An SQL injection flaw exists in the Database Query Handler component due to improper processing of the /lecturer/marking-scheme.php endpoint. A remote attacker can exploit this by...