CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

NVD•added 2026/05/04 1:16 a.m.•7 views

CVE-2026-7716

A vulnerability was found in code-projects Gym Management System In PHP and Windows NT 1.0. This vulnerability affects unknown code of the file /index.php. Performing a manipulation of the argument day results in sql injection. The attack can be initiated remotely. The exploit has been made publi...

6.5CVSS0.00192EPSS

Exploits0References5

Cvelist•added 2026/05/04 12:45 a.m.•32 views

CVE-2026-7716 code-projects Gym Management System In PHP/Windows NT index.php sql injection

6.5CVSS0.00192EPSS

Exploits0References5

CVE•added 2026/05/04 12:45 a.m.•13 views

CVE-2026-7716

CVE-2026-7716 describes an SQL injection in the Gym Management System (code-projects) for PHP on Windows NT 1.0, via manipulation of the day parameter in /index.php. The exact vulnerable component and file are /index.php; the root cause is improper handling of user input leading to SQL injection....

6.5CVSS6.5AI score0.00192EPSS

Exploits0References5

EUVD•added 2026/05/04 12:45 a.m.•4 views

EUVD-2026-26867

6.5CVSS6.5AI score0.00192EPSS

Exploits0References5

Positive Technologies•added 2026/05/04 12:0 a.m.•12 views

PT-2026-36744

Name of the Vulnerable Software and Affected Versions Gym Management System In PHP and Windows NT 1.0 affected versions not specified Description A remote SQL injection can be triggered through the manipulation of the day argument in the '/index.php' endpoint. SQL injection is a type of flaw that...

6.5CVSS6.6AI score0.00192EPSS

Exploits0References7

CNNVD•added 2026/05/04 12:0 a.m.•5 views

Code-Projects Gym Management System 注入漏洞

Code-Projects Gym Management System is an open-source gym management system developed by Code-Projects. Version 1.0 of the Code-Projects Gym Management System has a SQL injection vulnerability. This vulnerability arises from the handling of the 'day' parameter in the file/index.php, allowing...

6.5CVSS6.6AI score0.00192EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2009-0338

Malware in sbrugna...

7.5CVSS6.4AI score0.00993EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-0260

Malware in sbrugna...

7.5CVSS6.4AI score0.01514EPSS

Exploits1References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2007-2206

Malware in sbrugna...

7.5CVSS6.4AI score0.01061EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-27468

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.09815EPSS

Exploits0References4

OSV•added 2025/09/09 8:15 p.m.•4 views

CVE-2025-34174

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.4CVSS6.1AI score

Exploits0References3

CNNVD•added 2025/09/09 12:0 a.m.•3 views

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the start-day parameter not validating as a...

5.4CVSS5.8AI score0.09815EPSS

Exploits0References4

CNNVD•added 2024/09/28 12:0 a.m.•3 views

SourceCodester Online Timesheet App 跨站脚本漏洞

SourceCodester Online Timesheet App is a SourceCodester open source web application built with PHP and MySQL designed to simplify time management and task tracking. A cross-site scripting vulnerability exists in version 1.0 of the SourceCodester Online Timesheet App, which stems from a cross-site...

5.4CVSS4.5AI score0.00402EPSS

Exploits1References2

CNNVD•added 2024/04/25 12:0 a.m.•2 views

Tenda 4G300 安全漏洞

The Tenda 4G300 is a portable wireless router aimed at users who need mobile Internet access scenarios. The Tenda 4G300 suffers from a buffer overflow vulnerability that stems from incorrect manipulation of the parameters year/month/day/hour/minute/second, for which no detailed vulnerability...

9CVSS7.4AI score0.01755EPSS

Exploits1References5

OSV•added 2024/03/01 6:15 p.m.•2 views

CVE-2024-2075

A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/update-tracker.php. The manipulation of the argument day leads to cross site scripting. The attack can be...

5.4CVSS3.8AI score0.00536EPSS

Exploits1References3

OSV•added 2023/11/07 10:15 p.m.•2 views

CVE-2023-46793

Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS5.8AI score0.00831EPSS

Exploits1References2

Positive Technologies•added 2023/11/07 12:0 a.m.•4 views

PT-2023-30220 · Unknown · Online Matrimonial Project

Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the day parameter in the register function of the functions.php resource does not validate the...

9.8CVSS9.8AI score0.00831EPSS

Exploits1References4

CNNVD•added 2022/08/08 12:0 a.m.•2 views

SourceCodester Gym Management System SQL注入漏洞

SourceCodester Gym Management System is an American SourceCodester company's gym management system. The system is developed in C and sql server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, databas...

8.8CVSS7.7AI score0.00607EPSS

Exploits1References3