Lucene search
K

192448 matches found

Cvelist
Cvelist
added 2026/03/08 3:32 p.m.32 views

CVE-2026-3745 code-projects Student Web Portal profile.php sql injection

A vulnerability was found in code-projects Student Web Portal 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument User results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS0.00303EPSS
Exploits1References6
OSV
OSV
added 2026/03/08 1:16 p.m.5 views

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

9.8CVSS5.7AI score0.00345EPSS
Exploits1References5
OSV
OSV
added 2026/03/08 11:15 a.m.3 views

CVE-2026-3732

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicl...

8.8CVSS6.4AI score
Exploits0References5
OSV
OSV
added 2026/03/08 11:15 a.m.6 views

CVE-2026-3729

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and...

8.8CVSS6.6AI score0.00632EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/08 11:2 a.m.4 views

CVE-2026-3733

A vulnerability was detected in xuxueli xxl-job up to 3.3.2. This impacts an unknown function of the file source-code/src/main/java/com/xxl/job/admin/controller/JobInfoController.java. The manipulation results in server-side request forgery. It is possible to launch the attack remotely. The explo...

6.5CVSS5.5AI score0.00214EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/03/08 11:2 a.m.33 views

CVE-2026-3733 xuxueli xxl-job JobInfoController.java server-side request forgery

A vulnerability was detected in xuxueli xxl-job up to 3.3.2. This impacts an unknown function of the file source-code/src/main/java/com/xxl/job/admin/controller/JobInfoController.java. The manipulation results in server-side request forgery. It is possible to launch the attack remotely. The explo...

6.5CVSS0.00214EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/03/08 10:7 a.m.147 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Langflow

Langflow Exploit Tool - CVE-2026-0770 📋 Table of Contents...

9.8CVSS5.9AI score0.10371EPSS
Exploits8
EUVD
EUVD
added 2026/03/08 9:30 a.m.5 views

EUVD-2026-10228

A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...

6.5CVSS5.4AI score0.00398EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/08 9:30 a.m.5 views

EUVD-2026-10221

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument delflag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made publ...

9CVSS7.7AI score0.00655EPSS
Exploits1References6
OSV
OSV
added 2026/03/08 9:16 a.m.4 views

CVE-2026-3723

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /Admindelete.php. The manipulation of the argument flightno results in sql injection. The attack may be performed from remote. The exploit has been released t...

9.8CVSS5.7AI score0.0037EPSS
Exploits1References6
CVE
CVE
added 2026/03/08 6:32 a.m.19 views

CVE-2026-3714

OpenCart 4.0.2.3 is affected by a Server-Side Template Injection (SSTI) via the Theme Editor, due to improper validation in the Save function of admin/controller/design/template.php (cited as Incomplete Fix CVE-2024-36694). Remote exploitation is possible, per multiple sources. No fixed version i...

5.8CVSS5.4AI score0.00255EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/08 6:16 a.m.4 views

CVE-2026-3709

A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made availabl...

9.8CVSS5.8AI score0.0035EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/03/08 5:34 a.m.426 views

claude-bug-bounty

Claude Bug Bounty Hunter The AI-native bug bounty framework...

6AI score
Exploits0
Cvelist
Cvelist
added 2026/03/08 5:32 a.m.24 views

CVE-2026-3710 code-projects Simple Flight Ticket Booking System Adminadd.php sql injection

A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adminadd.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp leads to sql injection. Remote exploitati...

5.8CVSS0.00271EPSS
Exploits1References6
NVD
NVD
added 2026/03/08 5:16 a.m.6 views

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

6.3CVSS0.00162EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/03/08 5:2 a.m.32 views

CVE-2026-3706 mkj Dropbear S Range Check curve25519.c unpackneg signature verification

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

6.3CVSS0.00162EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/08 5:2 a.m.4 views

CVE-2026-3706

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

6.3CVSS5.2AI score0.00162EPSS
Exploits0References9Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/08 5:2 a.m.3 views

CVE-2026-3706 mkj Dropbear S Range Check curve25519.c unpackneg signature verification

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

6.3CVSS5.2AI score0.00162EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/03/08 4:2 a.m.3 views

CVE-2026-3702 SourceCodester Loan Management System index.php cross site scripting

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

5.3CVSS4.3AI score0.00305EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/08 3:30 a.m.8 views

EUVD-2026-10201

A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...

7.5CVSS6.7AI score0.00403EPSS
Exploits0References7
Rows per page
Query Builder