Lucene search
K

633 matches found

Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-15134 CodeAstro Simple Online Leave Management System index.php sql injection

A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/21 4:45 a.m.11 views

EUVD-2026-38142

A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has...

6.5CVSS5.6AI score0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 4:45 a.m.5 views

CVE-2026-12776

A flaw has been found in Montodel House-Rental-Management up to 90010017b81265eb1ef3810268909f7719a33863. This affects an unknown part of the file /index.php?page=houses. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has...

6.5CVSS5.6AI score0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/06/21 4:45 a.m.33 views

CVE-2026-12776

Montodel House-Rental-Management is affected by an SQL injection in /index.php?page=houses triggered by manipulating the ID parameter. The flaw affects the application as a whole with a remote-access exploit published and the vendor pursuing a rolling-release strategy, making exact affected versi...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References5
NVD
NVD
added 2026/06/19 5:16 p.m.13 views

CVE-2017-20279

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS0.00237EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 5:16 p.m.13 views

CVE-2017-20281

Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename parameter. Attackers can send GET requests to index.php with the option=comextrasearch parameter and...

8.8CVSS0.00267EPSS
Exploits0References3
NVD
NVD
added 2026/06/19 5:16 p.m.12 views

CVE-2017-20274

Joomla LMS King Professional 3.2.4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cpid parameter. Attackers can send GET requests to index.php with the option=comlmsking, view=lmsking,...

8.8CVSS0.00237EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:48 p.m.8 views

CVE-2017-20279

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS6AI score0.00237EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:38 p.m.6 views

CVE-2017-20276

Joomla! Component SIMGenealogy 2.1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the type parameter. Attackers can send GET requests to index.php with the option=comsimgenealogy, view=latest parameters...

8.8CVSS6AI score0.00237EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/19 4:16 p.m.16 views

CVE-2017-20265

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comflipwall&task=click&wallid...

7.1CVSS0.00241EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 3:51 p.m.19 views

CVE-2017-20262

CVE-2017-20262 affects the Joomla! extension Ajax Quiz (version 1.8). The vulnerability is an SQL injection in the cid parameter, exploitable via GET requests to index.php with option=com_ajaxquiz and view=ajaxquiz. An unauthenticated attacker can execute arbitrary SQL and retrieve sensitive data...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 3:17 p.m.15 views

CVE-2017-20252

This CVE affects Joomla NextGen Editor 2.1.0. The vulnerability is an SQL injection in the plname parameter, exploitable via GET requests to index.php with option=com_nge&view=config, enabling an unauthenticated attacker to inject SQL and potentially access sensitive database information. Reporte...

8.8CVSS6.3AI score0.00323EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50957

Name of the Vulnerable Software and Affected Versions Joomla! Component SIMGenealogy version 2.1.5 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code. This is achieved by sending GET requests to the 'index.php' endpoint with the...

8.8CVSS5.9AI score0.00237EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/06/17 12:0 a.m.17 views

httpd:2.4 security update

httpd 2.4.37-65.0.1.8 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-65.8 - Resolves: RHEL-173558 - httpd:2.4/httpd: Apache HTTP Server modproxyajp: Arbitrary code execution via heap-based buffer overflow CVE-2026-28780 - Resolves: RHEL-175074 - httpd:2.4/httpd: NULL pointe...

7.5CVSS6.2AI score0.11471EPSS
Exploits8
EUVD
EUVD
added 2026/06/14 12:30 a.m.17 views

EUVD-2026-36656

A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be carried out...

5.3CVSS3.7AI score0.00265EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.12 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

9.4CVSS5.7AI score0.00325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.9 views

CVE-2026-8117

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The exploit has been...

5.3CVSS3.8AI score0.00269EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-45890

Name of the Vulnerable Software and Affected Versions SourceCodester Online Food Ordering System version 2.0 Description A remote file inclusion issue exists in the /index.php file. The include function is susceptible to manipulation via the page argument, allowing an attacker to include arbitrar...

7.5CVSS7.2AI score0.00302EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/06/02 8:15 p.m.8 views

CVE-2026-10620 code-projects Student Admission System index.php sql injection

A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS6.9AI score0.00272EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/02 1:15 a.m.9 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS6.3AI score0.00227EPSS
Exploits0References6
Rows per page
Query Builder