Lucene search
K

108 matches found

NVD
NVD
added 2026/07/06 12:16 a.m.7 views

CVE-2026-14783

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skillview of the file tools/skillstool.py. Executing a manipulation of the argument Name can lead to path traversal. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS0.00333EPSS
Exploits0References8
NVD
NVD
added 2026/07/05 8:16 a.m.9 views

CVE-2026-14721

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried o...

9CVSS0.00447EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 10:16 a.m.7 views

CVE-2026-13556

A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/modusers/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be...

5.3CVSS0.00443EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-7855

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS8.2AI score0.01057EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.21 views

PT-2026-46976

A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulnerability is an unknown functionality of the file /dashboard page/forms/fetch.php. The manipulation of the argument department...

5.3CVSS4AI score0.00273EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/25 3:45 p.m.10 views

CVE-2026-9471 yashpokharna2555 StudentManagementSystem student.php cross site scripting

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

5.1CVSS4.3AI score0.00248EPSS
Exploits0References5
CVE
CVE
added 2026/05/05 6:30 p.m.10 views

CVE-2026-7855

CVE-2026-7855 affects D-Link DI-8100 firmware 16.07.26A1. The vulnerability is in the HTTP Request Handler, specifically the function tggl_asp in the file tggl.asp ; manipulating the Name argument triggers a buffer overflow. The issue is exploitable remotely and the exploit is public. CVSS-based ...

9CVSS7.8AI score0.01057EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/05 6:30 p.m.13 views

CVE-2026-7855 D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS7.8AI score0.01057EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.20 views

PT-2026-36933

Name of the Vulnerable Software and Affected Versions RTGS2017 NagaAgent versions prior to 5.1.1 Description Improper processing of the file 'apiserver/routes/extensions.py' within the Skills Endpoint component allows for a remote path traversal attack. This occurs through the manipulation of the...

7.5CVSS5.7AI score0.00501EPSS
Exploits0References8
NVD
NVD
added 2026/04/25 10:16 p.m.10 views

CVE-2026-7001

A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument Name results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public...

4.8CVSS0.00245EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/25 9:15 p.m.4 views

CVE-2026-7001

A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument Name results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public...

4.8CVSS3.4AI score0.00245EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/25 9:0 p.m.4 views

CVE-2026-7000 Datacom DM4100 VLAN Page cross site scripting

A vulnerability has been found in Datacom DM4100 1.3.6.1.4.1.3709. Affected by this issue is some unknown functionality of the component VLAN Page. Such manipulation of the argument VLAN Name leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to...

4.8CVSS3AI score0.00245EPSS
Exploits0References3
CVE
CVE
added 2026/04/25 7:15 p.m.11 views

CVE-2026-6995

CVE-2026-6995 concerns BDCOM P3310D (firmware 0.4.2, 10.1.0F Build 86345) and its /index.asp New User Page. The vulnerability arises from manipulating the User name argument, enabling cross-site scripting (XSS). The issue is exploitable remotely and public exploits exist. Documented impact is lim...

4.8CVSS3.3AI score0.00245EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.11 views

PT-2026-35176

A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument Name results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public...

4.8CVSS3.3AI score0.00245EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/13 6:30 p.m.2 views

EUVD-2026-22020

A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.3 views

PT-2026-32402

A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed an...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/12 12:45 a.m.6 views

EUVD-2026-21688

A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing of the file apps/common/middleware/chatheadersmiddleware.py of the component ChatHeadersMiddleware. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the atta...

5.1CVSS4.5AI score0.00212EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.7 views

PT-2026-32128

A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing of the file apps/common/middleware/chat headers middleware.py of the component ChatHeadersMiddleware. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the...

5.1CVSS4.5AI score0.00212EPSS
Exploits0References9
NVD
NVD
added 2026/03/28 11:16 p.m.9 views

CVE-2026-5018

A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The explo...

9.8CVSS0.00345EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/20 3:32 p.m.3 views

CVE-2026-4488 UTT HiPER 1250GW setSysAdm strcpy buffer overflow

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected is the function strcpy of the file /goform/setSysAdm. Such manipulation of the argument GroupName leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and...

9CVSS7.8AI score0.00507EPSS
Exploits0References4
Rows per page
Query Builder