Lucene search
K

377 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/13 4:45 a.m.2 views

CVE-2026-6161

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/13 4:15 a.m.3 views

CVE-2026-6159

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

5.3CVSS4.1AI score0.00269EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/13 4:15 a.m.13 views

CVE-2026-6159

CVE-2026-6159 affects code-projects Simple ChatBox up to version 1.0. The vulnerability is in the Endpoint component’s file /chatbox/insert.php where manipulating the msg parameter leads to a cross-site scripting (XSS) issue. It can be triggered remotely and exploitation has been publicly disclos...

5.3CVSS4.1AI score0.00269EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.5 views

Code-Projects Simple ChatBox SQL注入漏洞

Code-Projects Simple ChatBox is a simple chat box system developed by Code-Projects as open source. Versions of Code-Projects Simple ChatBox 1.0 and earlier contained a SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the msg parameter in the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/07 10:51 a.m.6 views

CVE-2026-5637

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/04/06 9:16 a.m.4 views

CVE-2026-5637

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/04/06 8:15 a.m.16 views

CVE-2026-5637

CVE-2026-5637 affects projectworlds Car Rental System 1.0. The vulnerability lies in the Parameter Handler’s unknown code path that manipulates the Message argument in /message_admin.php, leading to an SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly (explo...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/06 8:15 a.m.3 views

CVE-2026-5637

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

Car Rental System SQL注入漏洞

Car Rental System is a car rental system developed by AMEY THAKUR, an individual developer in India. Version 1.0 of Car Rental System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “Message” in the file /messageadmin.php, which may lead to SQ...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.5 views

PT-2026-30583

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /message admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/01 3:31 p.m.2 views

EUVD-2026-17899

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The application reflects the content of the msg parameter back to the user without proper HTML encoding or...

6.1CVSS6AI score0.00252EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29534

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The application reflects the content of the msg parameter back to the user without proper HTML encoding or...

6.1CVSS6AI score0.00252EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.6 views

CVE-2026-30557

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcategory.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

5.4CVSS6AI score0.00252EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.3 views

CVE-2026-30558

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcustomer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

5.4CVSS6AI score0.00252EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/31 4:59 a.m.6 views

CVE-2026-30556

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

6.1CVSS6AI score0.00252EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/30 6:31 p.m.4 views

EUVD-2026-17096

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addcategory.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6AI score0.00252EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/30 6:31 p.m.4 views

EUVD-2026-17101

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

9.3CVSS6AI score0.00321EPSS
Exploits1References2
NVD
NVD
added 2026/03/30 4:16 p.m.5 views

CVE-2026-30561

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addpurchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HT...

6.1CVSS0.00252EPSS
Exploits1References1
NVD
NVD
added 2026/03/30 4:16 p.m.6 views

CVE-2026-30562

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addstock.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...

9.3CVSS0.00321EPSS
Exploits1References1
CVE
CVE
added 2026/03/30 12:0 a.m.8 views

CVE-2026-30559

CVE-2026-30559 affects SourceCodester Sales and Inventory System 1.0. A Reflected Cross-Site Scripting (XSS) vulnerability exists in add_sales.php via the msg parameter, where input is not sanitized, allowing remote attackers to inject arbitrary script/HTML through a crafted URL. The CVSS basis i...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder