CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

220177 matches found

CVE-2026-11520 SourceCodester Inventory System header.php cross site scripting

A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...

5.1CVSS3.9AI score0.00031EPSS

Exploits0References5

CVE•added 2 days ago•10 views

CVE-2026-11520

Summary: CVE-2026-11520 affects SourceCodester Inventory System 1.0, with the vulnerability in the header.php file enabling cross-site scripting. The issue can be triggered remotely and multiple parameters may be affected. Public exploit material exists. The connected records confirm the vulnerab...

5.1CVSS3.9AI score0.00031EPSS

Exploits0References5

EUVD•added 2 days ago•6 views

EUVD-2026-35070

5.1CVSS3.9AI score0.00031EPSS

Exploits0References5

ATTACKERKB•added 2 days ago•3 views

CVE-2026-11520

5.1CVSS3.9AI score0.00031EPSS

Exploits0References6Affected Software1

CVE•added 2 days ago•7 views

CVE-2026-11519

The CVE concerns SourceCodester Inventory System 1.0, affecting /Product_Inventory/api/users_handler.php in the Account Creation Handler. The ROLE parameter manipulation causes improper authorization, enabling remote exploitation. Public exploit exists. Technical details specify network attack ve...

6.5CVSS6.1AI score0.00036EPSS

Exploits0References5

ATTACKERKB•added 2 days ago•3 views

CVE-2026-11519

A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ProductInventory/api/usershandler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in improper...

6.5CVSS6.1AI score0.00036EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2 days ago•3 views

CVE-2026-11519 SourceCodester Inventory System Account Creation users_handler.php improper authorization

6.5CVSS5AI score0.00036EPSS

Exploits0References5

EUVD•added 2 days ago•5 views

EUVD-2026-35069

6.5CVSS6.1AI score0.00036EPSS

Exploits0References5

Cvelist•added 2 days ago•31 views

CVE-2026-11519 SourceCodester Inventory System Account Creation users_handler.php improper authorization

6.5CVSS0.00036EPSS

Exploits0References5

ATTACKERKB•added 2 days ago•3 views

CVE-2026-11518

A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...

5.3CVSS3.7AI score0.00036EPSS

Exploits0References6Affected Software1

EUVD•added 2 days ago•5 views

EUVD-2026-35068

5.3CVSS3.7AI score0.00036EPSS

Exploits0References6

NVD•added 2 days ago•8 views

CVE-2026-11512

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

5.3CVSS0.00036EPSS

Exploits0References6

NVD•added 2 days ago•7 views

CVE-2026-11513

A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

6.5CVSS0.00033EPSS

Exploits0References6

NVD•added 2 days ago•4 views

CVE-2026-11511

A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attribute Handler. Executing a manipulation of the argument style can lead to HTML injection. It is possible to launch the attack...

5.1CVSS0.00028EPSS

Exploits0References4

NVD•added 2 days ago•6 views

CVE-2026-11515

A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passswordreset.php of the component Password Reset Handler. Such manipulation of the argument newpassword with the input...

6.9CVSS0.0003EPSS

Exploits0References5

OSV•added 2 days ago•5 views

JLSEC-2026-581

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.9AI score0.00084EPSS

Exploits0References10

EUVD•added 2 days ago•7 views

EUVD-2026-35067

A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly...

9CVSS8.2AI score0.00043EPSS

Exploits0References5

ATTACKERKB•added 2 days ago•4 views

CVE-2026-11517

9CVSS8.2AI score0.00043EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2 days ago•2 views

CVE-2026-11517 UTT HiPER 2610G formConfigDnsFilterGlobal strcpy buffer overflow

9CVSS8.2AI score0.00043EPSS

Exploits0References5

CVE•added 2 days ago•12 views

CVE-2026-11516

The CVE-2026-11516 entry applies to UTT HiPER 2610G (up to 3.0.0-171107). The vulnerability arises in the strcpy usage within /goform/formNatStaticMap; crafted input to the NatBinds argument can trigger a buffer overflow. Public exploitation has been noted, indicating the issue is reachable with ...

5.5CVSS6.2AI score0.00037EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by