Lucene search
K

95 matches found

CVE
CVE
added 4 days ago9 views

CVE-2026-15134

CodeAstro Simple Online Leave Management System 1.0 contains a SQL injection vulnerability in the /SimpleOnlineLeave/index.php endpoint, triggered by manipulating the email parameter. The issue is exploitable remotely over the network, with Proof-of-Concept exploits observed. The CVSS data indica...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/03 8:0 p.m.9 views

EUVD-2026-41565

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=viewstudent of the component POST Handler. The manipulation of the argument ID leads to authorization...

5.3CVSS5.6AI score0.00223EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55582

Name of the Vulnerable Software and Affected Versions SourceCodester CET Automated Grading System with AI Predictive Analytics version 1.0 Description An authorization bypass exists in the POST Handler component. Remote exploitation is possible by manipulating the ID variable within the...

5.3CVSS6AI score0.00223EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.17 views

PT-2026-49101

Name of the Vulnerable Software and Affected Versions SourceCodester CET Automated Grading System with AI Predictive Analytics version 1.0 Description Cross site scripting is possible through the remote manipulation of the action argument within an unknown function of the '/index.php' endpoint...

5.3CVSS4.8AI score0.00265EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/08 12:30 a.m.14 views

EUVD-2026-35003

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7.1AI score0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/02 2:16 a.m.9 views

CVE-2026-10559

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS0.00227EPSS
Exploits0References6
CVE
CVE
added 2026/06/02 1:15 a.m.22 views

CVE-2026-10559

CVE-2026-10559 affects SourceCodester Pizzafy Ecommerce System 1.0. The flaw is a file inclusion vulnerability in an unknown function of /index.php triggered by manipulation of the page argument, exploitable remotely . The exploit has been published. Per the sources, CVSS metrics indicate a MEDIU...

6.5CVSS6.3AI score0.00227EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/02 1:15 a.m.40 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS0.00227EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 7:45 p.m.25 views

CVE-2026-10287

The vulnerability affects SourceCodester SEO Meta Tag Extractor 1.0, specifically the get_headers function in /index.php. The issue arises from manipulating the url parameter, enabling server-side request forgery (SSRF) that can be initiated remotely. Exploit details have been publicly disclosed....

7.5CVSS5.6AI score0.00294EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.11 views

CVE-2026-10110

A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and m...

7.5CVSS5.7AI score0.00313EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 9:0 p.m.10 views

CVE-2026-9583 SourceCodester CET Automated Grading System with AI Predictive Analytics SQL index.php information exposure

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

5.3CVSS5.5AI score0.00242EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/26 9:0 p.m.17 views

EUVD-2026-31999

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

5.3CVSS5.5AI score0.00242EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.5 views

CVE-2026-4842

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is possible...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References1
OSV
OSV
added 2026/03/08 5:16 a.m.5 views

CVE-2026-3702

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

6.1CVSS4.2AI score0.00305EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.8 views

SourceCodester Loan Management System 代码注入漏洞

The SourceCodester Loan Management System is an open-source loan management system developed by SourceCodester. Version 1.0 of the SourceCodester Loan Management System has a code injection vulnerability. This vulnerability stems from incorrect handling of parameters in the file/index.php, which...

6.1CVSS5.7AI score0.00305EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/03/06 12:19 p.m.4 views

CVE-2018-25184 Surreal ToDo 0.6.1.2 Local File Inclusion via index.php

Surreal ToDo 0.6.1.2 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the content parameter. Attackers can supply directory traversal sequences through the content parameter in index.php to access sensitive system files li...

6.9CVSS5.9AI score0.008EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.7 views

Chamilo SQL注入漏洞

Chamilo is a learning management system open source by Chamilo. Chamilo index.php file contains a SQL injection vulnerability , an attacker can use the vulnerability to execute illegal SQL commands to steal sensitive database data...

9.8CVSS5.9AI score0.00587EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.7 views

PT-2026-7618

MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts to prevent traversal by removing dot-dot sequences, but this protection can be bypassed using crafted...

6.9CVSS5.6AI score0.005EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/20 4:21 p.m.8 views

CVE-2026-1160

A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.4AI score0.00326EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.12 views

PT-2026-2429

Name of the Vulnerable Software and Affected Versions Webgrind version 1.1 Description Webgrind version 1.1 contains a remote command execution issue. Unauthenticated attackers can inject OS commands through the dataFile parameter in the ''index.php'' file. Attackers can execute arbitrary system...

9.8CVSS7.5AI score0.01459EPSS
Exploits1References5
Rows per page
Query Builder