Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

82320 matches found

RedhatCVE
RedhatCVEadded 2026/02/09 7:14 a.m.4 views

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

9.8CVSS5.5AI score0.00326EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/02/09 7:2 a.m.32 views

CVE-2026-2221 code-projects Online Reviewer System Login index.php sql injection

A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The attack is possible to be carried out remotely. The...

7.5CVSS0.00341EPSS
Exploits1References5
CVE
CVEadded 2026/02/09 7:2 a.m.16 views

CVE-2026-2221

The CVE-2026-2221 entry concerns code-projects Online Reviewer System 1.0, specifically the Login component’s file /login/index.php. The vulnerability is a SQL injection caused by manipulating the Username argument, enabling remote exploitation. Public exploits exist. Impact is described as high ...

9.8CVSS7.1AI score0.00341EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/02/09 6:32 a.m.6 views

CVE-2026-2220

A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btnfunctions.php. Such manipulation of the argument difficultyid leads to sql injection. The attack can be executed remotely. The...

7.5CVSS5.6AI score0.00341EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/02/09 6:16 a.m.8 views

CVE-2026-2217

A vulnerability was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manageuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be us...

9.8CVSS0.00323EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/09 5:32 a.m.3 views

CVE-2026-2217

A vulnerability was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manageuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be us...

7.5CVSS7.2AI score0.00323EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/02/09 4:15 a.m.6 views

CVE-2026-2212

A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. Th...

9.8CVSS0.00323EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/09 3:2 a.m.4 views

CVE-2026-2212

A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. Th...

7.5CVSS7.2AI score0.00323EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linuxadded 2026/02/09 1:43 a.m.7 views

fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing

A flaw was found in FontForge. This use-after-free vulnerability, occurring during the parsing of SFD Spline Font Database files, allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, such as opening a specially crafted malicious file or visiting a...

8.8CVSS6.1AI score0.00474EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/02/09 1:43 a.m.8 views

fontforge: FontForge: Arbitrary code execution via SFD file parsing buffer overflow

A flaw was found in FontForge. A remote attacker could exploit a heap-based buffer overflow vulnerability during SFD file parsing. This issue arises from insufficient validation of user-supplied data length before copying it to a buffer. Successful exploitation requires user interaction, such as...

8.8CVSS6.5AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/02/09 1:35 a.m.6 views

fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing

A flaw was found in FontForge. This use-after-free vulnerability, occurring during the parsing of SFD Spline Font Database files, allows a remote attacker to execute arbitrary code. Successful exploitation requires user interaction, such as opening a specially crafted malicious file or visiting a...

8.8CVSS6.1AI score0.00474EPSS
Exploits0References5
OSV
OSVadded 2026/02/09 1:16 a.m.3 views

CVE-2026-2199

A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...

9.8CVSS5.8AI score0.00323EPSS
Exploits1References5
NVD
NVDadded 2026/02/09 1:16 a.m.6 views

CVE-2026-2198

A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficultyid leads to sql injection. It is possible to launch the attack...

9.8CVSS0.00381EPSS
Exploits1References5
NVD
NVDadded 2026/02/09 1:16 a.m.6 views

CVE-2026-2199

A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...

9.8CVSS0.00323EPSS
Exploits1References5
NVD
NVDadded 2026/02/09 1:16 a.m.5 views

CVE-2026-2197

A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument testid causes sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS0.00323EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/02/09 12:32 a.m.30 views

CVE-2026-2199 code-projects Online Reviewer System user-delete.php sql injection

A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...

7.5CVSS0.00323EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/09 12:2 a.m.5 views

CVE-2026-2197

A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument testid causes sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS5.5AI score0.00323EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/09 12:2 a.m.6 views

CVE-2026-2196 code-projects Online Reviewer System exam-update.php sql injection

A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulation of the argument testid results in sql injection. The attack may be performed from remote. The...

7.5CVSS5.4AI score0.00381EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/02/09 12:0 a.m.6 views

PT-2026-7079

C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS6.3AI score0.0041EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/02/09 12:0 a.m.7 views

PT-2026-7078

C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

7.1CVSS6.3AI score0.00272EPSS
Exploits0References3
Rows per page
Query Builder