CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/02/19 12:0 a.m.•4 views

PT-2026-20561

Name of the Vulnerable Software and Affected Versions itsourcecode Event Management System version 1.0 Description A SQL injection issue exists in itsourcecode Event Management System version 1.0. The issue is located in the /admin/manage booking.php file, within an unknown function. Manipulation...

7.5CVSS7.4AI score0.00567EPSS

Exploits1References7

Cvelist•added 2026/02/09 9:2 a.m.•29 views

CVE-2026-2225 itsourcecode News Portal Project Administrator Login index.php sql injection

A flaw has been found in itsourcecode News Portal Project 1.0. This vulnerability affects unknown code of the file /admin/index.php of the component Administrator Login. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been...

7.5CVSS0.00416EPSS

Vulnrichment•added 2026/02/09 9:2 a.m.•3 views

CVE-2026-2225 itsourcecode News Portal Project Administrator Login index.php sql injection

7.5CVSS5.4AI score0.00416EPSS

OSV•added 2026/02/09 6:16 a.m.•4 views

CVE-2026-2217

A vulnerability was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manageuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be us...

9.8CVSS5.8AI score0.00323EPSS

NVD•added 2026/02/09 6:16 a.m.•6 views

CVE-2026-2217

9.8CVSS0.00323EPSS

Cvelist•added 2026/02/09 5:32 a.m.•28 views

CVE-2026-2217 itsourcecode Event Management System manage_user.php sql injection

7.5CVSS0.00323EPSS

ATTACKERKB•added 2026/02/09 5:32 a.m.•3 views

CVE-2026-2217

7.5CVSS7.2AI score0.00323EPSS

Vulnrichment•added 2026/02/09 5:32 a.m.•4 views

CVE-2026-2217 itsourcecode Event Management System manage_user.php sql injection

7.5CVSS5.5AI score0.00323EPSS

CVE•added 2026/02/09 5:32 a.m.•9 views

CVE-2026-2217

CVE-2026-2217 affects itsourcecode Event Management System 1.0. The vulnerable element is /admin/manage_user.php; manipulating the ID parameter yields SQL injection. Exploitation can be remote and publicly disclosed. CVSS data from sources show high impact under various vectors (NVD CVSS3.1 base ...

9.8CVSS7.2AI score0.00323EPSS

RedhatCVE•added 2026/02/09 1:33 a.m.•3 views

CVE-2026-2116

A vulnerability has been found in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/editexpenses.php. Such manipulation of the argument expensesid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to t...

9.8CVSS7.1AI score0.00381EPSS

Exploits1References1

CNNVD•added 2026/02/09 12:0 a.m.•3 views

itsourcecode Event Management System SQL注入漏洞

9.8CVSS7.2AI score0.00323EPSS

CNNVD•added 2026/02/09 12:0 a.m.•2 views

itsourcecode News Portal Project SQL注入漏洞

itsourcecode News Portal Project is an open-source news portal project developed by itsourcecode. Version 1.0 of the itsourcecode News Portal Project contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the "email" parameter in the file/admin/index.php, whi...

9.8CVSS7.2AI score0.00416EPSS

Positive Technologies•added 2026/02/09 12:0 a.m.•7 views

PT-2026-7069

Name of the Vulnerable Software and Affected Versions itsourcecode Event Management System version 1.0 Description A flaw exists in itsourcecode Event Management System version 1.0 that allows for remote code execution. The issue is located in the /admin/manage user.php file, specifically within ...

9.8CVSS7.6AI score0.00323EPSS

Exploits1References10

OSV•added 2026/02/08 11:15 p.m.•2 views

CVE-2026-2190

A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controller.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been released to the...

9.8CVSS5.8AI score0.00381EPSS

Cvelist•added 2026/02/08 10:32 p.m.•33 views

CVE-2026-2190 itsourcecode School Management System controller.php sql injection

7.5CVSS0.00381EPSS

CVE•added 2026/02/08 10:32 p.m.•12 views

CVE-2026-2190

The CVE-2026-2190 entry affects itsourcecode School Management System 1.0, specifically the file /ramonsys/user/controller.php where SQL injection is triggered by manipulating the ID argument. Multiple connected feeds (Red Hat, NVD, CVE lists, PT Security) confirm remote exploitation possibility,...

9.8CVSS7.2AI score0.00381EPSS

ATTACKERKB•added 2026/02/08 10:2 p.m.•6 views

CVE-2026-2189

A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be us...

7.5CVSS7.2AI score0.00381EPSS

Cvelist•added 2026/02/08 10:2 p.m.•35 views

CVE-2026-2189 itsourcecode School Management System index.php sql injection

7.5CVSS0.00381EPSS

CVE•added 2026/02/08 4:2 p.m.•8 views

CVE-2026-2162

The CVE-2026-2162 entry affects itsourcecode News Portal Project 1.0, specifically the /admin/aboutus.php file where the pagetitle parameter is manipulated to trigger SQL injection. The vulnerability can be exploited remotely and exploit details have been publicly disclosed. Multiple sources (NVD...

7.2CVSS5.2AI score0.00318EPSS