Lucene search
K

220928 matches found

EUVD
EUVD
added 2026/05/25 1:45 a.m.13 views

EUVD-2026-31618

A weakness has been identified in code-projects Employee Management System 1.0. This affects an unknown function of the file /eloginwel.php. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the...

5.3CVSS4.4AI score0.00263EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 1:45 a.m.10 views

CVE-2026-9415 code-projects Employee Management System eloginwel.php cross site scripting

A weakness has been identified in code-projects Employee Management System 1.0. This affects an unknown function of the file /eloginwel.php. This manipulation of the argument ID causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the...

5.3CVSS4.4AI score0.00263EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 1:30 a.m.12 views

EUVD-2026-31616

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:30 a.m.7 views

CVE-2026-9414

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:15 a.m.6 views

CVE-2026-9413

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/25 1:15 a.m.38 views

CVE-2026-9413 SourceCodester Indian Invoicing System category.php cross site scripting

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS0.00263EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 1:15 a.m.9 views

CVE-2026-9413 SourceCodester Indian Invoicing System category.php cross site scripting

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 1:15 a.m.21 views

CVE-2026-9413

SourceCodester Indian Invoicing System 1.0 is affected by a cross-site scripting (XSS) flaw in the /Invoicing/category.php file. The vulnerability stems from manipulation of the message parameter (msg) that enables remote execution of an attacker-supplied script. Public exploit code exists. No re...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/05/25 1:0 a.m.72 views

security-writeups

s...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/25 1:0 a.m.8 views

CVE-2026-9412 SourceCodester Indian Invoicing System Backend Endpoint access control

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:0 a.m.6 views

CVE-2026-9412

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/25 1:0 a.m.17 views

EUVD-2026-31613

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 12:45 a.m.8 views

CVE-2026-9411 SourceCodester Indian Invoicing System Invoice Generation IGST_Invoice.php sql injection

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGSTInvoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customername/category results in sql injection. The...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 12:45 a.m.38 views

CVE-2026-9411 SourceCodester Indian Invoicing System Invoice Generation IGST_Invoice.php sql injection

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGSTInvoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customername/category results in sql injection. The...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 12:45 a.m.5 views

CVE-2026-9411

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGSTInvoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customername/category results in sql injection. The...

6.5CVSS5.6AI score0.00192EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/25 12:45 a.m.11 views

EUVD-2026-31614

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGSTInvoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customername/category results in sql injection. The...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 12:30 a.m.14 views

EUVD-2026-31612

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/25 12:30 a.m.35 views

CVE-2026-9410 Sushmi-pal Invoice-System Profile Workflow profile improper authorization

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS0.00198EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/25 12:30 a.m.8 views

CVE-2026-9410 Sushmi-pal Invoice-System Profile Workflow profile improper authorization

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS5.4AI score0.00198EPSS
Exploits0References4
NVD
NVD
added 2026/05/25 12:16 a.m.14 views

CVE-2026-9408

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

10CVSS0.01732EPSS
Exploits0References5
Rows per page
Query Builder