Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19144 matches found

EUVD
EUVDadded 2026/02/07 5:2 a.m.7 views

EUVD-2026-5748

A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...

6.5CVSS5.1AI score0.00309EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2026/02/07 5:2 a.m.4 views

CVE-2026-2075 yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control

A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...

6.5CVSS5.2AI score0.00309EPSS
Exploits1References6
SUSE CVE
SUSE CVEadded 2026/02/07 12:26 a.m.2 views

SUSE CVE-2026-1580

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to t...

8.8CVSS6.3AI score0.00485EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/02/07 12:24 a.m.2 views

SUSE CVE-2026-24470

Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enable them to use Skipper's network access to reach...

8.1CVSS5.3AI score0.00267EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/02/07 12:24 a.m.9 views

SUSE CVE-2026-24514

A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...

6.5CVSS5.4AI score0.0046EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.7 views

PT-2026-6897

Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A flaw exists that can lead to improper authorization. The issue affects the addMenu, updateMenu, and deleteMenu functions within the MenuController.java file located in the...

6.5CVSS5.3AI score0.00262EPSS
Exploits1References8
CNNVD
CNNVDadded 2026/02/07 12:0 a.m.4 views

SourceCodester Online Class Record System SQL注入漏洞

The SourceCodester Online Class Record System is an open-source online classroom recording system developed by SourceCodester. Version 1.0 of the SourceCodester Online Class Record System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in t...

9.8CVSS7.2AI score0.00312EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.6 views

PT-2026-6883

Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A security issue exists in yeqifu warehouse related to improper authorization. The issue is present in the addRole, updateRole, and deleteRole functions within the RoleController.jav...

6.5CVSS5.3AI score0.00262EPSS
Exploits1References8
CNNVD
CNNVDadded 2026/02/07 12:0 a.m.8 views

warehouse 授权问题漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There are authorization issues in Warehouse; these issues stem from incorrect operations in the Department Management component, specifically in the file...

8.8CVSS6.6AI score0.00276EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.16 views

PT-2026-6910

Name of the Vulnerable Software and Affected Versions SourceCodester Online Class Record System version 1.0 Description A flaw exists in SourceCodester Online Class Record System 1.0 that allows for SQL injection. The issue is located in the file /admin/subject/controller.php. Manipulating the ID...

9.8CVSS5.4AI score0.00312EPSS
Exploits0References10
Snyk
Snykadded 2026/02/06 11:7 p.m.2 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the orderscontroller parameter. An attacker can access sensitive personal information of guest users, such as names, addresses, and phone numbers, by supplying a valid order ID for a...

8.7CVSS5.6AI score0.00441EPSS
Exploits1References2
OSV
OSVadded 2026/02/06 1:15 p.m.4 views

CVE-2026-2018

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

9.8CVSS5.7AI score0.00326EPSS
Exploits1References5
NVD
NVDadded 2026/02/06 1:15 p.m.8 views

CVE-2026-2018

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

9.8CVSS0.00326EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/06 12:2 p.m.1 views

CVE-2026-2018

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

9.8CVSS5.5AI score0.00326EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/06 12:2 p.m.4 views

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

7.5CVSS5.5AI score0.00326EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/02/06 12:2 p.m.29 views

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

7.5CVSS0.00326EPSS
Exploits1References5
EUVD
EUVDadded 2026/02/06 12:2 p.m.8 views

EUVD-2026-5688

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

7.5CVSS7.2AI score0.00326EPSS
Exploits1References5
CVE
CVEadded 2026/02/06 12:2 p.m.11 views

CVE-2026-2018

The CVE affects itsourcecode School Management System 1.0. The weakness is in /ramonsys/settings/controller.php where manipulation of the ID argument triggers SQL injection, with remote exploitation possible and an exploit published. Multiple sources corroborate: Red Hat and CVE records describe ...

9.8CVSS7.2AI score0.00326EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/02/06 9:15 a.m.3 views

CVE-2026-2011

A vulnerability was found in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /ramonsys/enrollment/controller.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public...

9.8CVSS5.8AI score
Exploits0References5
NVD
NVDadded 2026/02/06 9:15 a.m.7 views

CVE-2026-2011

A vulnerability was found in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /ramonsys/enrollment/controller.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public...

9.8CVSS0.00326EPSS
Exploits1References5
Rows per page
Query Builder