Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

104938 matches found

CVE
CVEadded 2026/06/01 10:45 a.m.27 views

CVE-2026-10250

The vulnerability CVE-2026-10250 affects itsourcecode Online Blood Bank Management System 1.0. An SQL injection can be triggered by manipulating the hospital argument in an unknown function of the file /admin/campsdetails.php, allowing remote exploitation. Exploit has been released publicly (expl...

7.5CVSS5.7AI score0.00263EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 10:30 a.m.13 views

CVE-2026-10249

The vulnerability CVE-2026-10249 affects itsourcecode Online Blood Bank Management System 1.0, specifically an unknown function in /admin/viewrequest.php where manipulation of the ID argument triggers SQL injection. It can be exploited remotely, and a public exploit is available. The CVSS metrics...

7.5CVSS5.8AI score0.00269EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 10:30 a.m.9 views

EUVD-2026-33624

A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted is an unknown function of the file /admin/viewrequest.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might...

7.5CVSS5.8AI score0.00269EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 10:0 a.m.16 views

CVE-2026-10247

CVE-2026-10247 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability lies in the function create_generic_name in /ShowForm/create_generic_name/main, where manipulation of the argument generic_name leads to cross-site scripting. The attack can be carried out remotely an...

5.1CVSS4.3AI score0.00199EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 9:16 a.m.11 views

CVE-2026-40545

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below...

5.1CVSS0.00404EPSS
Exploits0References2
NVD
NVDadded 2026/06/01 9:16 a.m.11 views

CVE-2026-10242

A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topicid causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

6.5CVSS0.0025EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 9:3 a.m.12 views

CVE-2026-40545

SOPlanning (versions ≤ 1.55) is vulnerable to Reflected XSS via the taches parameter. An attacker who can craft a malicious URL and entice an authenticated user to click it can cause arbitrary JavaScript execution in the victim’s browser. The CVE entry for CVE-2026-40545 explicitly documents this...

5.1CVSS6AI score0.00404EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/01 9:3 a.m.8 views

CVE-2026-40545 Reflected XSS in SOPlanning

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below...

5.1CVSS6AI score0.00404EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/01 9:3 a.m.40 views

CVE-2026-40545 Reflected XSS in SOPlanning

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below...

5.1CVSS0.00404EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/01 9:3 a.m.9 views

CVE-2026-40545

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below...

8.8CVSS6AI score0.00404EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/01 9:3 a.m.11 views

EUVD-2026-33611

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below...

8.8CVSS6AI score0.00404EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/01 8:45 a.m.28 views

CVE-2026-10242 itsourcecode Content Management System instructions.php sql injection

A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topicid causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

6.5CVSS0.0025EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/01 8:45 a.m.8 views

CVE-2026-10242 itsourcecode Content Management System instructions.php sql injection

A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topicid causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

6.5CVSS5.7AI score0.0025EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 8:15 a.m.8 views

EUVD-2026-33603

A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/01 8:15 a.m.28 views

CVE-2026-10240 JeecgBoot test server-side request forgery

A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly...

6.5CVSS0.0027EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/01 8:15 a.m.8 views

CVE-2026-10240 JeecgBoot test server-side request forgery

A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 7:15 a.m.16 views

CVE-2026-10235

CodeAstro Ingredients Stock Management System 1.0 contains an SQL injection in stock_manager.php via the txt_search_category parameter. The vulnerability affects unknown code in /Ingredients-Stock/stock_manager.php and can be exploited remotely; exploit has been published. No remediation details ...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 6:16 a.m.12 views

CVE-2026-10227

A vulnerability has been found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file addusercheck.php of the component User Creation Handler. The manipulation of the argument role leads to sql injectio...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 6:16 a.m.12 views

CVE-2026-10225

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

7.5CVSS0.00263EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/01 5:30 a.m.11 views

CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

5.1CVSS4.2AI score0.00199EPSS
Exploits0References6
Rows per page
Query Builder