Lucene search
K

486 matches found

NVD
NVD
added yesterday6 views

CVE-2026-14800

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS0.00159EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday26 views

CVE-2026-14800 imhamzaazam ecommerceFlask cross-site request forgery

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS0.00159EPSS
Exploits0References6
NVD
NVD
added 2 days ago5 views

CVE-2026-14749

A vulnerability was identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. Impacted is the function eval of the file application/pages/imbacalculator/calculate.php. The manipulation of the argument mathematicalsentence leads to code injection. The attack is possible to ...

7.5CVSS0.00322EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-41757

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References6
CVE
CVE
added 2 days ago10 views

CVE-2026-14704

CVE-2026-14704 affects the Stephen-Kruger bluebox project up to version 4.5.12. The vulnerability arises from manipulation of an unnamed argument, enabling cross-site scripting. Exploitation is possible remotely, and public PoCs exist. The issue was brought to the project’s attention via an issue...

5.3CVSS4.4AI score0.00282EPSS
Exploits0References7
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-41708

A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...

4.8CVSS5.5AI score0.0024EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago8 views

PT-2026-55797

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote SQL injection is possible due to improper manipulation of the field name argument within the Notes controller::search scratch data function locate...

6.5CVSS6.7AI score0.00204EPSS
Exploits0References9
Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-14685 HdrHistogram AbstractHistogram AbstractHistogram.java recordValueWithCount state issue

A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack c...

4.8CVSS0.00118EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-55689

Name of the Vulnerable Software and Affected Versions jairiidriss restaurant-website-php-mysql versions up to 521428b5b612449df0cf4a5d15ee40cba67f3d35 Description A missing authentication flaw exists in the AJAX Endpoint component. A remote attacker can manipulate the '/admin/ajax files' endpoint...

7.5CVSS7.1AI score0.00517EPSS
Exploits0References9
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-41561

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.5CVSS5.6AI score0.00233EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 7:16 a.m.8 views

CVE-2026-13544

A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes improper access controls. The attack can be initiated remotely. The exploit has been published and may be used. The project wa...

6.5CVSS0.00214EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/29 7:15 a.m.7 views

EUVD-2026-40046

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS6.7AI score0.00383EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:15 a.m.6 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS5.5AI score0.00383EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/28 1:0 p.m.18 views

CVE-2026-13498

The CVE concerns yashpokharna2555 restaurant-management-system. It identifies a vulnerability in an unknown function within /forgotpassword.php (POST Parameter Handler) where manipulating the email parameter leads to SQL injection. The issue can be exploited remotely and publicly available exploi...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53109

Name of the Vulnerable Software and Affected Versions yashpokharna2555 restaurent-management-system affected versions not specified Description An issue exists in the POST Parameter Handler component within the /forgotpassword.php file. Remote manipulation of the email parameter allows for SQL...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.11 views

CVE-2026-11534

A vulnerability was detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to launch...

5.1CVSS4AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.15 views

CVE-2026-11521

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS5.1AI score0.00272EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.16 views

CVE-2026-11478

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...

4.8CVSS4.8AI score0.00113EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:30 p.m.7 views

CVE-2026-11533

A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...

5.5CVSS5.1AI score0.0023EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:45 p.m.8 views

CVE-2026-11530

A vulnerability was identified in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This affects an unknown function of the file /index.ph of the component Login. Such manipulation of the argument usr/pwd leads to sql injection. The attack can be executed remotely...

7.5CVSS7AI score0.00328EPSS
Exploits0References6
Rows per page
Query Builder