Lucene search
+L

31 matches found

CVE
CVE
added 2026/07/09 3:15 p.m.10 views

CVE-2026-15188

The CVE affects manjurulhoque django-job-portal (up to commit dfa352f305bba44445ac5dc12e9b2a98c9dcd71f). The vulnerability resides in EditEmployeeProfileAPIView (accounts/api/views.py) of the Employee Dashboard Endpoint, where manipulating the role argument leads to improper access controls. An a...

6.5CVSS5.6AI score0.00209EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/09 3:15 p.m.34 views

CVE-2026-15188 manjurulhoque django-job-portal Employee Dashboard Endpoint views.py EditEmployeeProfileAPIView access control

A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the...

6.5CVSS0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/09 3:15 p.m.8 views

EUVD-2026-42606

A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/20 6:31 a.m.5 views

EUVD-2026-13567

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

5.8CVSS5.8AI score0.00386EPSS
Exploits1References6
NVD
NVD
added 2026/03/20 5:16 a.m.11 views

CVE-2026-4471

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

9.8CVSS0.00386EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/20 5:2 a.m.4 views

CVE-2026-4471 itsourcecode Online Frozen Foods Ordering System admin_edit_employee.php sql injection

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

5.8CVSS5.8AI score0.00386EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/20 5:2 a.m.3 views

CVE-2026-4471

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admineditemployee.php. Executing a manipulation of the argument FirstName can lead to sql injection. It is possible to launch the attack remotely. The exploit ha...

5.8CVSS5.8AI score0.00386EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/20 5:2 a.m.17 views

CVE-2026-4471

CVE-2026-4471 affects itsourcecode Online Frozen Foods Ordering System 1.0. The vulnerability is in the /admin/admin_edit_employee.php component where manipulating the First_Name argument can cause a SQL injection. The issue is exploitable remotely and public exploits exist. No remediation/patch ...

9.8CVSS5.8AI score0.00386EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26563

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin edit employee.php. Executing a manipulation of the argument First Name can lead to sql injection. It is possible to launch the attack remotely. The exploit...

5.8CVSS5.8AI score0.00386EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/03 1:48 a.m.4 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS6AI score0.00391EPSS
Exploits1References1
NVD
NVD
added 2026/03/02 5:16 p.m.6 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS0.00391EPSS
Exploits1References1
OSV
OSV
added 2026/03/02 5:16 p.m.6 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS5.9AI score0.00391EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Personnel Property Equipment System 安全漏洞

Personnel Property Equipment System is a personnel property equipment management system developed by Jon Remus Sevellejo. Version 1.0 of the sourcecodester Personnel Property Equipment System contains a security vulnerability, which stems from an SQL injection vulnerability in the...

9.8CVSS5.9AI score0.00391EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/02 12:0 a.m.6 views

EUVD-2026-9204

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

6AI score0.00391EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 12:0 a.m.1 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

9.8CVSS6AI score0.00391EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.6 views

PT-2026-22654

Name of the Vulnerable Software and Affected Versions sourcecodester Personnel Property Equipment System version 1.0 Description The software is susceptible to SQL Injection in the '/ppes/admin/edit employee.php' endpoint. The vulnerability exists due to insufficient input validation when...

9.8CVSS6AI score0.00391EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/03/02 12:0 a.m.5 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

6AI score0.00391EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/02 12:0 a.m.22 views

CVE-2026-26700

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/editemployee.php...

0.00391EPSS
Exploits1References1
CVE
CVE
added 2026/03/02 12:0 a.m.14 views

CVE-2026-26700

CVE-2026-26700 affects sourcecodester Personnel Property Equipment System v1.0. The vulnerability is a SQL Injection in /ppes/admin/edit_employee.php caused by unsanitized input, enabling potential unauthorized data access or modification. The public metrics assign a CVSS v3.1 base score of 9.8 (...

9.8CVSS6AI score0.00391EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25831

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00455EPSS
Exploits1References6
Rows per page
Query Builder