CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/01 1:16 p.m.•11 views

CVE-2026-10251

A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00263EPSS

Vulnrichment•added 2026/06/01 1:15 p.m.•7 views

CVE-2026-10260 CodeAstro Online Job Portal delete-jobs.php sql injection

A vulnerability was detected in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /admin/jobs-admins/delete-jobs.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now...

ATTACKERKB•added 2026/06/01 12:45 p.m.•9 views

CVE-2026-10258

A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/addsubtopic.php. This manipulation of the argument topicid causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available ...

Exploits0References6Affected Software1

Cvelist•added 2026/06/01 12:30 p.m.•27 views

CVE-2026-10257 itsourcecode Content Management System update_ss_img.php sql injection

6.5CVSS0.00319EPSS

ATTACKERKB•added 2026/06/01 12:30 p.m.•5 views

CVE-2026-10257

Exploits0References6Affected Software1

CVE•added 2026/06/01 12:30 p.m.•12 views

CVE-2026-10257

CVE-2026-10257 affects itsourcecode Content Management System 1.0. The vulnerability is a SQL injection caused by manipulating the topic_id parameter in /admin/update_ss_img.php, with remote exploitation possible and a publicly released exploit. MVN/NVD metrics indicate a MEDIUM impact with netwo...

CVE•added 2026/06/01 12:15 p.m.•11 views

CVE-2026-10256

The CVE-2026-10256 entry affects itsourcecode Content Management System 1.0, with the vulnerability located in /save_comment.php. The issue arises from manipulating the Name parameter to cause SQL injection, enabling remote exploitation. Public exploit code is available. Across CVSS metrics, the ...

Vulnrichment•added 2026/06/01 11:0 a.m.•8 views

CVE-2026-10251 itsourcecode Online House Rental System ajax.php login sql injection

7.5CVSS6.9AI score0.00263EPSS

OSV•added 2026/06/01 10:46 a.m.•3 views

SUSE-SU-2026:21944-1 Security update for vim

This update for vim fixes the following issues - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim bsc1264706. - CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile via crafted filename bsc1265349. -...

7CVSS6AI score0.00917EPSS

Exploits1References12

EUVD•added 2026/06/01 10:45 a.m.•9 views

EUVD-2026-33625

A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be carried out...

Vulnrichment•added 2026/06/01 10:45 a.m.•7 views

CVE-2026-10250 itsourcecode Online Blood Bank Management System campsdetails.php sql injection

CVE•added 2026/06/01 10:45 a.m.•26 views

CVE-2026-10250

The vulnerability CVE-2026-10250 affects itsourcecode Online Blood Bank Management System 1.0. An SQL injection can be triggered by manipulating the hospital argument in an unknown function of the file /admin/campsdetails.php, allowing remote exploitation. Exploit has been released publicly (expl...

EUVD•added 2026/06/01 10:30 a.m.•8 views

EUVD-2026-33624

A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted is an unknown function of the file /admin/viewrequest.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might...

7.5CVSS5.8AI score0.00269EPSS

CVE•added 2026/06/01 10:30 a.m.•12 views

CVE-2026-10249

The vulnerability CVE-2026-10249 affects itsourcecode Online Blood Bank Management System 1.0, specifically an unknown function in /admin/viewrequest.php where manipulation of the ID argument triggers SQL injection. It can be exploited remotely, and a public exploit is available. The CVSS metrics...

7.5CVSS5.8AI score0.00269EPSS

CVE•added 2026/06/01 10:0 a.m.•15 views

CVE-2026-10247

CVE-2026-10247 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability lies in the function create_generic_name in /ShowForm/create_generic_name/main, where manipulation of the argument generic_name leads to cross-site scripting. The attack can be carried out remotely an...

5.1CVSS4.3AI score0.00199EPSS

NVD•added 2026/06/01 9:16 a.m.•11 views

CVE-2026-40545

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below...

5.1CVSS0.00404EPSS

Exploits0References2

NVD•added 2026/06/01 9:16 a.m.•11 views

CVE-2026-10242

A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topicid causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

6.5CVSS0.0025EPSS