CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

982 matches found

ATTACKERKB•added 2026/03/24 2:14 a.m.•1 views

CVE-2026-4624

A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a manipulation of the argument searchField results in sql injection. The attack can be initiated...

7.5CVSS6.9AI score0.00045EPSS

Exploits0References5Affected Software1

EUVD•added 2026/03/24 12:30 a.m.•1 views

EUVD-2026-14660

A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subjectcode causes sql injection. The attack is possible to be carri...

6.5CVSS5.6AI score0.00042EPSS

Exploits0References6

EUVD•added 2026/03/24 12:30 a.m.•2 views

EUVD-2026-14604

A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/modusers/index.php?view=edit&id=8 of the component Parameter Handler. The manipulation of the argument accountid leads to sql injection. Remote exploitation of t...

7.5CVSS5.5AI score0.00045EPSS

Exploits0References6

ATTACKERKB•added 2026/03/23 11:38 p.m.•3 views

CVE-2026-4614

6.5CVSS6.3AI score0.00042EPSS

Exploits0References5Affected Software1

NVD•added 2026/03/23 10:16 p.m.•2 views

CVE-2026-4612

7.5CVSS0.00045EPSS

Exploits0References5

Positive Technologies•added 2026/03/23 12:0 a.m.•2 views

PT-2026-27268

Name of the Vulnerable Software and Affected Versions itsourcecode sanitize or validate this input version 1.0 Description A flaw exists in the processing of the /admin/subjects.php file within the Parameter Handler component. Manipulation of the subject code argument can lead to SQL injection...

6.5CVSS6.6AI score0.00042EPSS

Exploits0References7

EUVD•added 2026/03/21 9:31 a.m.•2 views

EUVD-2026-14242

A weakness has been identified in PbootCMS up to 3.2.12. This impacts the function alertlocation of the file apps/home/controller/MemberController.php of the component Parameter Handler. This manipulation of the argument backurl causes cross site scripting. Remote exploitation of the attack is...

5.3CVSS4.2AI score0.00042EPSS

Exploits0References5

CVE•added 2026/03/21 7:2 a.m.•5 views

CVE-2026-4510

CVE-2026-4510 affects PbootCMS up to 3.2.12. The flaw exists in the Parameter Handler’s function alert_location within apps/home/controller/MemberController.php, where manipulating the backurl argument enables cross-site scripting. Remote exploitation is possible and an exploit has been made publ...

5.3CVSS4.3AI score0.00042EPSS

Exploits0References4

Cvelist•added 2026/03/21 7:2 a.m.•28 views

CVE-2026-4510 PbootCMS Parameter MemberController.php alert_location cross site scripting

5.3CVSS0.00042EPSS

Exploits0References4

Positive Technologies•added 2026/03/21 12:0 a.m.•3 views

PT-2026-26883

A weakness has been identified in PbootCMS up to 3.2.12. This impacts the function alert location of the file apps/home/controller/MemberController.php of the component Parameter Handler. This manipulation of the argument backurl causes cross site scripting. Remote exploitation of the attack is...

5.3CVSS4.3AI score0.00042EPSS

Exploits0References5

EUVD•added 2026/03/12 9:31 a.m.•0 views

EUVD-2026-11538

A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS6.4AI score0.00106EPSS

Exploits1References6

EUVD•added 2026/03/12 9:31 a.m.•2 views

EUVD-2026-11540

A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...

9CVSS6.3AI score0.00112EPSS

Exploits1References8

NVD•added 2026/03/12 7:16 a.m.•0 views

CVE-2026-4007

9CVSS0.00106EPSS

Exploits1References5

NVD•added 2026/03/12 7:16 a.m.•2 views

CVE-2026-4008

9CVSS0.00112EPSS

Exploits1References7

CVE•added 2026/03/12 6:32 a.m.•7 views

CVE-2026-4008

CVE-2026-4008 affects Tenda W3 1.0.0.3(2204). The flaw occurs in the POST Parameter Handler for the /goform/wifiSSIDset path, where manipulation of the argument index/GO leads to a stack-based buffer overflow. It can be exploited remotely, and an exploit has been published. Affected version detai...

9CVSS7.9AI score0.00112EPSS

Exploits1References7Affected Software1

Cvelist•added 2026/03/12 6:32 a.m.•18 views

CVE-2026-4008 Tenda W3 POST Parameter wifiSSIDset stack-based overflow

9CVSS0.00112EPSS

Exploits1References7

ATTACKERKB•added 2026/03/12 6:32 a.m.•2 views

CVE-2026-4008

9CVSS6.3AI score0.00112EPSS

Exploits1References7Affected Software1

Vulnrichment•added 2026/03/12 6:32 a.m.•2 views

CVE-2026-4008 Tenda W3 POST Parameter wifiSSIDset stack-based overflow

9CVSS6.3AI score0.00112EPSS

Exploits1References7

CVE•added 2026/03/12 6:32 a.m.•8 views

CVE-2026-4007

CVE-2026-4007 affects Tenda W3 1.0.0.3(2204). The vulnerability arises in the POST Parameter Handler, specifically the file /goform/wifiSSIDget, where manipulation of the argument index leads to a stack-based buffer overflow. This enables a remote attack and the exploit is public. Documented CVSS...

9CVSS7.9AI score0.00106EPSS

Exploits1References5Affected Software1

ATTACKERKB•added 2026/03/12 6:32 a.m.•1 views

CVE-2026-4007

9CVSS6.4AI score0.00106EPSS

Exploits1References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by