Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

92663 matches found

NVD
NVDadded 2026/04/09 5:16 a.m.0 views

CVE-2026-5840

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS0.00039EPSS
Exploits0References5
NVD
NVDadded 2026/04/09 4:17 a.m.1 views

CVE-2026-5837

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

7.5CVSS0.00043EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/09 4:0 a.m.28 views

CVE-2026-5840 PHPGurukul News Portal Project check_availability.php sql injection

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS0.00039EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/09 3:45 a.m.2 views

CVE-2026-5839

A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

5.8CVSS5.8AI score0.00039EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/09 3:15 a.m.2 views

CVE-2026-5837 PHPGurukul News Portal Project news-details.php sql injection

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

7.5CVSS5.7AI score0.00043EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/09 3:15 a.m.31 views

CVE-2026-5837 PHPGurukul News Portal Project news-details.php sql injection

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

7.5CVSS0.00043EPSS
Exploits0References5
CVE
CVEadded 2026/04/09 3:0 a.m.7 views

CVE-2026-5836

Affected software and entry point: code-projects Online Shoe Store 1.0, vulnerable via /admin/admin_product.php with manipulation of the product_name parameter. Vulnerability type: cross site scripting (XSS). Impact/conditions: remote initiation; affects user input handling in the admin context; ...

4.8CVSS4.2AI score0.00035EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/09 2:45 a.m.1 views

CVE-2026-5835 code-projects Online Shoe Store admin_football.php cross site scripting

A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/adminfootball.php. Executing a manipulation of the argument productname can lead to cross site scripting. It is possible to launch the attack remotely. The...

4.8CVSS4.4AI score0.00035EPSS
Exploits0References5
NVD
NVDadded 2026/04/09 2:16 a.m.3 views

CVE-2026-5829

A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument postid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

7.5CVSS0.00043EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/09 1:15 a.m.1 views

CVE-2026-5829

A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument postid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

7.5CVSS6.8AI score0.00043EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/09 1:15 a.m.28 views

CVE-2026-5829 code-projects Simple IT Discussion Forum content.php sql injection

A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument postid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

7.5CVSS0.00043EPSS
Exploits0References5
CVE
CVEadded 2026/04/09 1:0 a.m.8 views

CVE-2026-5828

CVE-2026-5828 affects code-projects Simple IT Discussion Forum 1.0 . The vulnerability is in an unknown function in /functions/addcomment.php where manipulation of the postid parameter enables SQL injection . Exploitation is feasible remotely with a network attack and requires no privileges or us...

7.5CVSS6.8AI score0.00014EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/09 1:0 a.m.3 views

CVE-2026-5828 code-projects Simple IT Discussion Forum addcomment.php sql injection

A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /functions/addcomment.php. The manipulation of the argument postid results in sql injection. The attack may be launched remotely. The exploit has been made public and...

7.5CVSS6.8AI score0.00014EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/09 1:0 a.m.2 views

CVE-2026-5828

A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /functions/addcomment.php. The manipulation of the argument postid results in sql injection. The attack may be launched remotely. The exploit has been made public and...

7.5CVSS6.8AI score0.00014EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/09 12:45 a.m.1 views

CVE-2026-5827 code-projects Simple IT Discussion Forum question-function.php sql injection

A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /question-function.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public a...

7.5CVSS5.7AI score0.00014EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/04/09 12:0 a.m.4 views

Code-Projects Online Shoe Store 代码注入漏洞

Code-Projects Online Shoe Store is an open-source online shoe store system developed by Code-Projects. Version 1.0 of Code-Projects Online Shoe Store contains a code injection vulnerability. This vulnerability arises from incorrect handling of the parameter productname in the file...

4.8CVSS5.7AI score0.00035EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/09 12:0 a.m.1 views

CVE-2025-70364

An issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server. NOTE: the Supplier's position is that this is "a historical and intended administrative feature of the product, accessible only to already authenticated users...

6.2AI score0.00061EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/04/09 12:0 a.m.3 views

phpBB 安全漏洞

phpBB is a set of web forum software developed by Ariefibis. Version 3.3.15 of phpBB has a security vulnerability; this vulnerability stems from the cross-site request forgery functionality in the administration control panel icons, which may allow for the execution of arbitrary code...

4.3CVSS5.9AI score0.00023EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/04/09 12:0 a.m.2 views

LimeSurvey(PHPSurveyor) 安全漏洞

LimeSurvey PHPSurveyor is a set of open-source online survey programs developed by the LimeSurvey team. It supports functions such as survey program development, survey questionnaire publishing, and data collection. Versions of LimeSurvey PHPSurveyor prior to 6.15.11+250909 had security...

6.1CVSS5.7AI score0.00044EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/04/09 12:0 a.m.3 views

PT-2026-31607

Disclosure from our research team at Pentest-Tools.com "It's just dev mode" is doing a lot of heavy lifting here. FuelCMS has no enforced access control on the add git submodule installer function. Dev mode on, git over SSH enabled, a valid .git directory in the root: any authenticated user can...

8.3CVSS6.1AI score0.00378EPSS
Exploits1References8
Rows per page
Query Builder