CVE-2026-2156

CVE-2026-2156 affects code-projects’ Online Student Management System version 1.0, specifically the Announcement Management Module . The vulnerability exists in an unknown function within the file /admin/announcement/index.php?view=add, enabling remote cross-site scripting through manipulation of...

CVE-2026-2156

A weakness has been identified in code-projects Online Student Management System 1.0. The impacted element is an unknown function of the file /admin/announcement/index.php?view=add of the component Announcement Management Module. This manipulation causes cross site scripting. The attack is possib...

EUVD-2026-5793

A weakness has been identified in code-projects Online Student Management System 1.0. The impacted element is an unknown function of the file /admin/announcement/index.php?view=add of the component Announcement Management Module. This manipulation causes cross site scripting. The attack is possib...

CVE-2026-2156 code-projects Online Student Management System Announcement Management index.php cross site scripting

A weakness has been identified in code-projects Online Student Management System 1.0. The impacted element is an unknown function of the file /admin/announcement/index.php?view=add of the component Announcement Management Module. This manipulation causes cross site scripting. The attack is possib...

CVE-2026-2154

A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...

CVE-2026-2154

The CVE describes a cross-site scripting (XSS) vulnerability in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0, affecting the Patient Registration Module via /registration.php. The vulnerability stems from manipulating the First Name parameter, enabling remote expl...

EUVD-2026-5795

A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...

CVE-2026-25533

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

CVE-2026-25762

AdonisJS is a TypeScript-first web framework. Prior to versions 10.1.3 and 11.0.0-next.9, a denial of service DoS vulnerability exists in the multipart file handling logic of @adonisjs/bodyparser. When processing file uploads, the multipart parser may accumulate an unbounded amount of data in...

CVE-2020-37141

AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents...

PT-2026-6982

A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...

PT-2026-6987

Name of the Vulnerable Software and Affected Versions code-projects Online Student Management System version 1.0 Description A flaw exists in the Announcement Management Module of code-projects Online Student Management System. This issue allows for cross site scripting through an unknown functio...

CVE-2025-15564

Mapnik < 4.2.0 is affected by CVE-2025-15564 in mapnik::detail::mod::operator (src/value.cpp), causing a divide-by-zero. The flaw requires local access and has publicly disclosed exploit information; multiple feeds (NVD, Red Hat, Ubuntu, OSV, Debian, etc.) corroborate. The vulnerability impact...

CVE-2026-2111

JeecgBoot

CVE-2026-2111

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the file /airag/knowledge/doc/edit of the component Retrieval-Augmented Generation Module. Executing a manipulation of the argument filePath can lead to path traversal. The attack can ...

CVE-2026-2105 yeqifu warehouse Department Management DeptController.java deleteDept improper authorization

A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...

CVE-2026-24920

Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-24919

Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-24917

UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-24914

Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability...