16 matches found
CVE-2026-4807
CVE-2026-4807 affects the WordPress plugin “Appointment Booking Calendar” (publicly exposed at WordPress.org) up to version 1.6.10.6. The root cause is missing authorization caused by flawed logic in nonce_permissions_check() combined with a site-wide public nonce exposed via /wp-json/ssa/v1/embe...
CVE-2026-26883
Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/classes/Master.php?f=deleteappointment...
CVE-2026-26883
CVE-2026-26883 affects Sourcecodester Online Men’s Salon Management System v1.0. Affected component: SQL injection vulnerability in /msms/classes/Master.php?f=delete_appointment due to unsanitized input. Reported across multiple sources (NVD, Red Hat, CVE List, etc.). CVSS v3.1 vector: AV:N/AC:L/...
PT-2026-22751
Sourcecodester Simple Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/classes/Master.php?f=delete_appointment...
EUVD-2026-9298
Sourcecodester Simple Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/classes/Master.php?f=deleteappointment...
CVE-2025-4817
A vulnerability was found in Sourcecodester Doctor's Appointment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete-appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The...
SourceCodester Doctors Appointment System Injection Vulnerability
SourceCodester Doctors Appointment System is an open-source doctor appointment system from SourceCodester. An injection vulnerability exists in SourceCodester Doctors Appointment System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file...
CVE-2024-10967
A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file /Doctor/deleteuserappointmentrequest.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely...
KiviCare Management System < 3.2.1 - Multiple CSRF
The plugin's CSRF checks are either flawed or missing completely in various AJAX actions, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. This includes, but is not limited to: Delete arbitrary appointments/medical records/etc, create/update...
CVE-2022-43062
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=deleteappointment...