Lucene search
+L

3384 matches found

EUVD
EUVD
added 5 days ago8 views

EUVD-2026-43282

A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-43295

A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. T...

5.8CVSS5.7AI score0.00227EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43296

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...

5.3CVSS5.9AI score0.00242EPSS
Exploits0References7
NVD
NVD
added 5 days ago7 views

CVE-2026-15540

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...

5.3CVSS0.00242EPSS
Exploits0References6
NVD
NVD
added 5 days ago6 views

CVE-2026-15539

A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. T...

5.8CVSS0.00227EPSS
Exploits0References6
NVD
NVD
added 5 days ago5 views

CVE-2026-15537

A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-15540 SourceCodester Online Book Store System Administrative index.php php file inclusion

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...

5.3CVSS0.00242EPSS
Exploits0References6
CVE
CVE
added 5 days ago10 views

CVE-2026-15540

CVE-2026-15540 affects SourceCodester Online Book Store System 1.0. The Administrative Interface file /admin/index.php contains a vulnerability where manipulating the page parameter leads to improper control of the filename used in include/require statements in PHP, i.e., a local file inclusion. ...

5.3CVSS5.9AI score0.00242EPSS
Exploits0References6
NVD
NVD
added 5 days ago6 views

CVE-2026-15532

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS0.0021EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-15539 SourceCodester Online Book Store System Book Image Upload Feature index.php books unrestricted upload

A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. T...

5.8CVSS0.00227EPSS
Exploits0References6
CVE
CVE
added 5 days ago11 views

CVE-2026-15539

SourceCodester Online Book Store System 1.0 is affected by a vulnerability in the Book Image Upload Feature (admin/index.php?page=books) that allows unrestricted file upload. The issue enables remote attacker manipulation leading to unrestricted upload, as disclosed publicly. No remediation detai...

5.8CVSS5.7AI score0.00227EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-12582 Library Management System < 3.5.8 - Unauthenticated SQL Injection via book_id

The Library Management System WordPress plugin before 3.5.8 does not sanitize and escape a user-supplied parameter before using it in a SQL statement, allowing unauthenticated attackers to perform SQL injection and extract arbitrary data from the database, including user password hashes...

0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-15537 SourceCodester Online Book Store System login.php sql injection

A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-15532 SourceCodester Online Book Store System User Management cross site scripting

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS0.0021EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-15532

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS4.7AI score0.0021EPSS
Exploits0References6Affected Software1
CVE
CVE
added 5 days ago11 views

CVE-2026-15532

SourceCodester Online Book Store System 1.0 is affected by a cross site scripting (XSS) vulnerability in the User Management Module. The issue arises from manipulation of the Name/Username argument, enabling an attacker to inject script. The vulnerability is remote-exploitable and has a publicly ...

4.8CVSS4.7AI score0.0021EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43278

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS4.7AI score0.0021EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-57646

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...

5.3CVSS5.9AI score0.00242EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/10 7:48 a.m.9 views

EUVD-2026-42842

The Hostel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wphostel-book' shortcode in all versions up to and including 1.1.7. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, the second shortcode...

6.4CVSS6.2AI score0.00243EPSS
Exploits0References8
CVE
CVE
added 2026/07/10 7:48 a.m.10 views

CVE-2026-3907

The CVE records CVE-2026-3907 for the WordPress Hostel plugin (versions

6.4CVSS6.2AI score0.00243EPSS
Exploits0References8
Rows per page
Query Builder