CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 6 days ago•9 views

EUVD-2026-35002

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00033EPSS

ATTACKERKB•added 6 days ago•5 views

CVE-2026-11471

7.5CVSS7AI score0.00033EPSS

Exploits0References6Affected Software1

Cvelist•added 6 days ago•35 views

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

7.5CVSS0.00033EPSS

Vulnrichment•added 6 days ago•6 views

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

7.5CVSS7AI score0.00033EPSS

Vulnrichment•added 6 days ago•7 views

CVE-2026-11470 hs-web hsweb-framework File Upload FileUploadProperties.java denied path traversal

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

Cvelist•added 6 days ago•38 views

CVE-2026-11470 hs-web hsweb-framework File Upload FileUploadProperties.java denied path traversal

6.5CVSS0.00074EPSS

EUVD•added 6 days ago•8 views

EUVD-2026-35001

ATTACKERKB•added 6 days ago•3 views

CVE-2026-11470

Exploits0References8Affected Software1

PT-2026-47202

Exploits0References9

6.9CVSS5.4AI score0.00093EPSS

PT-2026-47258

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has bee...

Positive Technologies•added 6 days ago•6 views

PT-2026-47436

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

6.3CVSS4.9AI score0.00093EPSS

Positive Technologies•added 6 days ago•8 views

PT-2026-47266

This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could exploit this vulnerability by sending crafted path traversal sequences through the filename parameter to access arbitrary files...

8.7CVSS5.7AI score0.00114EPSS

Exploits0References2

Amazon•added 6 days ago•5 views

Medium: libssh2

Issue Overview: A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name ...

7.5CVSS7AI score0.00075EPSS

Exploits0

6.5CVSS6.5AI score0.00033EPSS

PT-2026-47281

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

Positive Technologies•added 6 days ago•6 views

PT-2026-47338

A vulnerability was detected in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to laun...

5.1CVSS4AI score0.00034EPSS

Positive Technologies•added 6 days ago•8 views

PT-2026-47264

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.6AI score0.00033EPSS

Positive Technologies•added 6 days ago•6 views

PT-2026-47433

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import users.php. The manipulation of the argument raw password wit...

6.9CVSS5.6AI score0.00032EPSS

7.5CVSS5.3AI score0.00033EPSS

PT-2026-47335

A security flaw has been discovered in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin login.php of the component Administrator Login Endpoint. Performing a manipulation of the argument a usr/a pwd results...

6.5CVSS6.5AI score0.00033EPSS

PT-2026-47452

A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been...