Lucene search
K

388530 matches found

Packet Storm News
Packet Storm News
added 2026/12/29 12:0 a.m.254 views

GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

6.8AI score
Exploits0
CVE
CVE
added 4 hours ago7 views

CVE-2026-59510

The CVE concerns AIL Framework’s PDF object handling. The vulnerable code in PDF.get_filepath() joined the configured PDF storage directory with a path derived from a PDF object identifier without ensuring the final path stayed inside the PDF_FOLDER. Authenticated attackers could supply crafted i...

7.1CVSS5.9AI score
Exploits0References1
CVE
CVE
added 8 hours ago7 views

CVE-2026-14752

The vulnerability (CVE-2026-14752) affects mjperpinosa stumasy, specifically the function add_definition in application/PHP/objects/notes/add_into_dictionary.php. The root cause is input argument manipulation that leads to cross-site scripting. It can be exploited remotely, and the exploit has be...

5.1CVSS4.2AI score
Exploits0References6
BDU FSTEC
BDU FSTEC
added 10 hours ago12 views

The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...

8.5CVSS6.1AI score
Exploits0Affected Software1
EUVD
EUVD
added 10 hours ago6 views

EUVD-2026-41750

A weakness has been identified in code-projects Real State Services 1.0. This impacts an unknown function of the file /single-listrent.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to t...

7.5CVSS5.9AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 10 hours ago7 views

CVE-2026-14744

A security flaw has been discovered in code-projects Real State Services 1.0. This affects an unknown function of the file /normalHomeRent.php. Performing a manipulation of the argument loc results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...

7.5CVSS6.8AI score
Exploits0References6Affected Software1
CVE
CVE
added 11 hours ago7 views

CVE-2026-14738

Technical details are not publicly available in the provided documents; monitor for updates.

6.3CVSS5.2AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added 12 hours ago3 views

CVE-2026-14735

A vulnerability has been found in code-projects Smart Parking System 1.0. The affected element is an unknown function of the file /parkings/parkings.php. Such manipulation of the argument street/city/status leads to sql injection. The attack can be executed remotely. The exploit has been disclose...

7.5CVSS6.8AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 13 hours ago3 views

CVE-2026-14733

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. This issue affects some unknown processing of the file /editcoursea.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be us...

7.5CVSS6.9AI score
Exploits0References6Affected Software1
EUVD
EUVD
added 13 hours ago8 views

EUVD-2026-41738

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The explo...

6.5CVSS6.5AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 14 hours ago5 views

CVE-2026-14721

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried o...

9CVSS7.6AI score
Exploits0References5Affected Software1
EUVD
EUVD
added 17 hours ago8 views

EUVD-2026-41726

A vulnerability was determined in code-projects Online Examination 1.0. Affected by this issue is some unknown functionality of the file head.php. Executing a manipulation of the argument uname/password can lead to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.5CVSS6.9AI score
Exploits0References6
EUVD
EUVD
added 17 hours ago8 views

EUVD-2026-41722

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and...

6.5CVSS5.8AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 18 hours ago4 views

CVE-2026-14702

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS5.2AI score
Exploits0References7Affected Software1
EUVD
EUVD
added 18 hours ago9 views

EUVD-2026-41721

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS5.2AI score
Exploits0References7
EUVD
EUVD
added 18 hours ago9 views

EUVD-2026-41720

A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/changepassword.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed...

6.5CVSS5.8AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 18 hours ago8 views

CVE-2026-14700

A security vulnerability has been detected in code-projects Internship Management System 1.0. The impacted element is an unknown function of the file employer/login.php of the component Employer Login Endpoint. The manipulation of the argument email/password leads to sql injection. Remote...

7.5CVSS6.8AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 18 hours ago4 views

CVE-2026-14699

A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits...

4.8CVSS5.6AI score
Exploits0References8Affected Software1
Nuclei
Nuclei
added 19 hours ago30 views

Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion

A directory traversal vulnerability in the Affiliate Datafeeds comdatafeeds component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1979 info: name: Joomla! Component Affiliate Datafeeds 880 - Local Fi...

6.8CVSS6.1AI score0.1115EPSS
Exploits1References5
Nuclei
Nuclei
added 19 hours ago34 views

Chyrp 2.x - Local File Inclusion

A directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F encoded dot dot slash in the action parameter to the default URI. id: CVE-2011-2744 info: name: Chyrp 2.x - Local File Inclusion author: daffainfo severity...

6.8CVSS6.2AI score0.0896EPSS
Exploits1References5
Rows per page
Query Builder