Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

104779 matches found

Cvelist
Cvelistadded 2026/06/08 1:15 a.m.36 views

CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS0.00133EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 1:15 a.m.6 views

CVE-2026-11475

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

6.5CVSS6.4AI score0.00133EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 1:0 a.m.41 views

CVE-2026-11474 Kushan2k student-management-system Registration Endpoint RegisterService.php unrestricted upload

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

7.5CVSS0.00288EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 1:0 a.m.5 views

CVE-2026-11474

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
CVE
CVEadded 2026/06/08 1:0 a.m.21 views

CVE-2026-11474

CVE-2026-11474 affects Kushan2k student-management-system (Registration Endpoint: RegisterService.php). The vulnerability arises from manipulating the stimg argument, enabling unrestricted file upload. Reported as remotely exploitable with public exploit, implying potential remote attacker impact...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/08 1:0 a.m.6 views

CVE-2026-11474 Kushan2k student-management-system Registration Endpoint RegisterService.php unrestricted upload

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/08 12:45 a.m.37 views

CVE-2026-11473 jflyfox jfinal_cms AdvicefeedbackController.java list sql injection

A vulnerability was identified in jflyfox jfinalcms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The project was informed of the problem early through a...

6.5CVSS0.00319EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 12:45 a.m.10 views

EUVD-2026-35004

A vulnerability was identified in jflyfox jfinalcms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The project was informed of the problem early through a...

6.5CVSS6.5AI score0.00319EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 12:45 a.m.5 views

CVE-2026-11473

A vulnerability was identified in jflyfox jfinalcms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The project was informed of the problem early through a...

6.5CVSS6.5AI score0.00319EPSS
Exploits0References7Affected Software1
EUVD
EUVDadded 2026/06/08 12:30 a.m.8 views

EUVD-2026-35003

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7.1AI score0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 12:30 a.m.4 views

CVE-2026-11472

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2026/06/08 12:16 a.m.9 views

CVE-2026-11467

A security vulnerability has been detected in jishenghua jshERP up to 3.6. This vulnerability affects the function addAccountHeadAndDetail of the file jshERP-boot/src/main/java/com/jsh/erp/service/AccountHeadService.java of the component addAccountHeadAndDetail Endpoint. Such manipulation of the...

5.5CVSS0.00323EPSS
Exploits0References6
CVE
CVEadded 2026/06/08 12:15 a.m.18 views

CVE-2026-11471

Affected product: SourceCodester Class and Exam Timetabling System 1.0. Vulnerability: SQL injection via manipulation of the Password argument in an unknown function in /index2.php. Impact/scope: Remote exploit possible; exploit has been public. CVSS details in sources indicate network access wit...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 12:15 a.m.10 views

EUVD-2026-35002

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/08 12:15 a.m.5 views

CVE-2026-11471

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 12:15 a.m.6 views

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.9 views

PT-2026-47434

Name of the Vulnerable Software and Affected Versions Tenda HG7HG9 and HG10 affected versions not specified Description A stack-based buffer overflow occurs due to the manipulation of the encodename argument within the formPPPEdit function of the file /boaform/formPPPEdit. This issue allows for...

9CVSS8.1AI score0.00477EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.8 views

PT-2026-47439

A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home salary.php. The manipulation of the argument rate/salary rate leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References9
CNNVD
CNNVDadded 2026/06/08 12:0 a.m.4 views

CodeAstro Leave Management System 注入漏洞

The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the parameter “Name” in the file/admin/searchstafffordeletion.php,...

6.5CVSS6.6AI score0.002EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/06/08 12:0 a.m.5 views

Bolt CMS 注入漏洞

Bolt CMS is an open-source content management system based on PHP, developed by Bolt CMS. Versions of Bolt CMS 3.7.5 and earlier have a vulnerability related to injection attacks. This vulnerability stems from the handling of the 'style' parameter in the Component HTML Attribute Handler file,...

5.1CVSS5AI score0.00191EPSS
Exploits0References2
Rows per page
Query Builder