Lucene search
K

1107 matches found

Cvelist
Cvelist
added 2026/06/02 1:15 a.m.40 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS0.00227EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/02 1:15 a.m.9 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS6.3AI score0.00227EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/02 1:0 a.m.39 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may...

6.5CVSS0.00227EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/02 1:0 a.m.12 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may...

6.5CVSS6.4AI score0.00227EPSS
Exploits0References6
CVE
CVE
added 2026/06/02 1:0 a.m.27 views

CVE-2026-10558

SourceCodester Pizzafy Ecommerce System 1.0 has a remote file inclusion in /admin/index.php caused by manipulating the page parameter. The vulnerability affects an unknown function and can be exploited remotely; the exploit is publicly available. CVSS metrics in the sources show MEDIUM severity (...

6.5CVSS6.4AI score0.00227EPSS
Exploits0References6
NVD
NVD
added 2026/06/02 12:16 a.m.20 views

CVE-2026-10301

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.3CVSS0.00273EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.14 views

PT-2026-45680

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS6.3AI score0.00227EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

SourceCodester Pizzafy Ecommerce System 安全漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability, which stems from the handling of the 'page' parameter in the file/index.php, potentially leading t...

6.5CVSS5.3AI score0.00227EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

SourceCodester Pizzafy Ecommerce System 安全漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability, which stems from the handling of the 'page' parameter in the file/admin/index.php, potentially...

6.5CVSS5.3AI score0.00227EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from an operation on the currentpage parameter in the formSysLog function located in the file/goform/formSysLog,...

9CVSS7.7AI score0.00463EPSS
Exploits0References4
NVD
NVD
added 2026/05/24 3:16 p.m.19 views

CVE-2026-9389

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used...

9CVSS0.00438EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.12 views

Tenda F456 安全漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a security vulnerability. This vulnerability stems from improper handling of the parameter “page” in the function frmL7ImForm located in the file/goform/L7Im. It may lead to a...

9CVSS7.5AI score0.00438EPSS
Exploits0References5
NVD
NVD
added 2026/05/22 5:16 a.m.19 views

CVE-2026-6864

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00264EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/22 3:39 a.m.40 views

CVE-2026-6864 CBX 5 Star Rating & Review <= 1.0.7 - Reflected Cross-Site Scripting via 'page' Parameter

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00264EPSS
Exploits0References5
CVE
CVE
added 2026/05/22 3:39 a.m.26 views

CVE-2026-6864

The CVE-2026-6864 concern affects the CBX 5 Star Rating & Review plugin for WordPress. It is a Reflected Cross-Site Scripting flaw via the 'page' parameter in all versions up to 1.0.7, caused by insufficient input sanitization and output escaping. This enables unauthenticated attackers to inject ...

6.1CVSS6AI score0.00264EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/22 3:39 a.m.11 views

CVE-2026-6864 CBX 5 Star Rating & Review <= 1.0.7 - Reflected Cross-Site Scripting via 'page' Parameter

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6AI score0.00264EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/22 3:39 a.m.10 views

CVE-2026-6864

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6AI score0.00264EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/22 3:39 a.m.12 views

EUVD-2026-31409

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6AI score0.00264EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-6841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Request Tracker is vulnerable to a reflected cross-site scripting XSS vulnerability via the Page parameter in GET requests. An attacker can craft a URL that, wh...

6.1CVSS6.1AI score0.00235EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.17 views

PT-2026-42726

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6AI score0.00264EPSS
Exploits0References6
Rows per page
Query Builder