CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1283 matches found

CVE•added 2026/05/07 8:15 p.m.•7 views

CVE-2026-8097

CVE-2026-8097 affects CodeAstro Online Classroom 1.0. The vulnerability is in unknown code of /askquery.php, where manipulating the squeryx argument enables SQL injection. Exploitation can be performed remotely, and public exploits exist. CVSS-derived metrics in the provided data indicate a MEDIU...

6.5CVSS6.5AI score0.00031EPSS

Exploits0References5

EUVD•added 2026/05/07 6:30 p.m.•5 views

EUVD-2026-28391

A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /addmembers.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...

6.5CVSS5.8AI score0.00114EPSS

Exploits0References3

NVD•added 2026/05/07 4:16 p.m.•6 views

CVE-2026-36387

6.5CVSS0.00114EPSS

Exploits0References2

Vulnrichment•added 2026/05/07 12:0 a.m.•4 views

CVE-2026-36387

5.8AI score0.00114EPSS

Exploits0References2

ATTACKERKB•added 2026/05/07 12:0 a.m.•2 views

CVE-2026-36387

5.8AI score0.00114EPSS

Exploits0References3

CVE•added 2026/05/07 12:0 a.m.•4 views

CVE-2026-36387

CVE-2026-36387 affects CODEASTRO Membership Management System v1.0, specifically the /add_members.php file. The issue arises in the file upload functionality due to improper sanitization, allowing injection of malicious files that can lead to Remote Code Execution (RCE). The available documents c...

6.5CVSS5.8AI score0.00114EPSS

Exploits0References2

Positive Technologies•added 2026/05/07 12:0 a.m.•5 views

PT-2026-38449

A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...

6.5CVSS5.8AI score0.00114EPSS

Exploits0References3

CNNVD•added 2026/05/07 12:0 a.m.•3 views

CodeAstro Membership Management System 代码问题漏洞

The CodeAstro Membership Management System is a member management system developed by CodeAstro Inc. Version 1.0 of the CODEASTRO Membership Management System has code-related vulnerabilities. These vulnerabilities stem from the file upload functionality in the /addmembers.php file. Improper...

6.5CVSS6.1AI score0.00114EPSS

Exploits0References1

CNNVD•added 2026/05/07 12:0 a.m.•3 views

CodeAstro Online Classroom 注入漏洞

CodeAstro Online Classroom is an online classroom platform provided by CodeAstro Inc. Version 1.0 of CodeAstro Online Classroom has a injection vulnerability; this vulnerability stems from the operation of the parameter squeryx in the file/askquery.php, which may lead to SQL injection attacks...

6.5CVSS6.7AI score0.00031EPSS

Exploits0References1

Positive Technologies•added 2026/05/07 12:0 a.m.•5 views

PT-2026-38573

Name of the Vulnerable Software and Affected Versions CodeAstro Online Classroom version 1.0 Description A remote SQL injection flaw exists in the '/askquery.php' endpoint. The issue occurs due to the improper manipulation of the squeryx argument, which allows an attacker to execute arbitrary SQL...

6.5CVSS6.8AI score0.00031EPSS

Exploits0References7

RedhatCVE•added 2026/05/05 8:21 p.m.•3 views

CVE-2026-7744

A vulnerability was found in CodeAstro Online Classroom 1.0. This affects an unknown function of the file /OnlineClassroom/addnewstudent. The manipulation of the argument fname results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

6.5CVSS6.3AI score0.00031EPSS

Exploits0References1

NVD•added 2026/05/04 9:16 a.m.•2 views

CVE-2026-7745

A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument deleteid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed...

6.5CVSS0.00031EPSS

Exploits0References5

NVD•added 2026/05/04 8:16 a.m.•2 views

CVE-2026-7744

6.5CVSS0.00031EPSS

Exploits0References5

NVD•added 2026/05/04 8:16 a.m.•6 views

CVE-2026-7742

A flaw has been found in CodeAstro Online Classroom 1.0. The affected element is an unknown function of the file /OnlineClassroom/facultylogin. Executing a manipulation of the argument fid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be us...

6.5CVSS0.00011EPSS

Exploits0References5

NVD•added 2026/05/04 8:16 a.m.•3 views

CVE-2026-7743

A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS0.00011EPSS

Exploits0References5

NVD•added 2026/05/04 8:16 a.m.•3 views

CVE-2026-7741

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS0.00031EPSS

Exploits0References5

CVE•added 2026/05/04 7:45 a.m.•6 views

CVE-2026-7745

CodeAstro Online Classroom 1.0 is affected by a SQL injection in the function handling /OnlineClassroom/facultydetails, via manipulation of the deleteid parameter. The vulnerability can be exploited remotely and exploitation is described as a proof-of-concept in the sources. CVSS metrics are prov...

6.5CVSS6.5AI score0.00031EPSS

Exploits0References5