Lucene search
K

105524 matches found

CVE
CVE
added 2026/04/28 1:15 p.m.14 views

CVE-2026-7281

CVE-2026-7281 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vuln is in the supplier function of /index.php?page=supplier, where manipulating the Name argument triggers cross-site scripting. It can be exploited remotely and the exploit has been publicly disclosed. CVSS data i...

4.8CVSS3.2AI score0.00206EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 p.m.4 views

CVE-2026-7269 SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manipulation of the argument ID results in cross site scripting. It is possible to initiate the attack remotely. The exploit has...

4.8CVSS3.3AI score0.0021EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/28 11:0 a.m.4 views

CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/04/28 11:0 a.m.10 views

CVE-2026-7267

Technical details are not publicly available in the provided documents. Monitor for updates.

6.5CVSS6.3AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/28 10:45 a.m.32 views

CVE-2026-7266 SourceCodester Pizzafy Ecommerce System ajax.php save_order sql injection

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...

6.5CVSS0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 10:30 a.m.5 views

EUVD-2026-26031

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.00241EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 10:30 a.m.7 views

CVE-2026-7265

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.00241EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/28 10:30 a.m.18 views

CVE-2026-7265

CVE-2026-7265 affects SourceCodester Pizzafy Ecommerce System 1.0. The vulnerability is a SQL injection in the Category function of pizza/index.php?page=category, triggered by manipulating the ID parameter. Remote exploitation is possible and the exploit has been publicly disclosed. The available...

6.5CVSS6.5AI score0.00241EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 9:16 a.m.5 views

CVE-2026-7241

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possible to be carried...

10CVSS0.02448EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 8:45 a.m.5 views

CVE-2026-7248 D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfilehtm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...

10CVSS9.1AI score0.02154EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/28 8:30 a.m.2 views

CVE-2026-7247 D-Link DI-8100 File Extension file_exten.asp file_exten_asp buffer overflow

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function fileextenasp of the file fileexten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The...

8.6CVSS7.3AI score0.00717EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/28 8:30 a.m.6 views

EUVD-2026-26018

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function fileextenasp of the file fileexten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The...

8.6CVSS5.6AI score0.00717EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 8:30 a.m.7 views

CVE-2026-7247

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function fileextenasp of the file fileexten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The...

8.6CVSS5.6AI score0.00717EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/04/28 8:30 a.m.31 views

CVE-2026-7247 D-Link DI-8100 File Extension file_exten.asp file_exten_asp buffer overflow

A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function fileextenasp of the file fileexten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The...

8.6CVSS0.00717EPSS
Exploits1References5
NVD
NVD
added 2026/04/28 8:16 a.m.6 views

CVE-2026-7238

A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and...

5.8CVSS0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:30 a.m.5 views

CVE-2026-7241

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possible to be carried...

10CVSS5.2AI score0.02448EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/28 7:30 a.m.8 views

EUVD-2026-26014

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possible to be carried...

10CVSS5.2AI score0.02448EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 7:16 a.m.9 views

CVE-2026-7229

A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...

6.5CVSS0.00233EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 7:0 a.m.7 views

EUVD-2026-26009

A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and...

5.8CVSS4.9AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:0 a.m.3 views

CVE-2026-7238

A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and...

5.8CVSS5.1AI score0.00228EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder