EUVD-2026-26033

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-30289

An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

Tinybeans Private Family Album App 安全漏洞

Tinybeans Private Family Album App is a private album application developed by the American company Tinybeans. It is designed for recording and sharing family photos and moments of growth. The Tinybeans Private Family Album App v5.9.5-prod version has a security vulnerability. This vulnerability...

CVE-2026-33906

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. A NetworkManager could replace the production database with a tamper...

Malicious code in wiz-prod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab84d9745e3daaf1cd5779e4ba1d27de0c2ca0403617230b4ed2262069e38c0 The package wiz-prod was found to contain malicious code...

MAL-2026-1875 Malicious code in wiz-prod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ab84d9745e3daaf1cd5779e4ba1d27de0c2ca0403617230b4ed2262069e38c0 The package wiz-prod was found to contain malicious code...

CVE-2019-25440

WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prodid parameter. Attackers can send GET requests to productdetail.php with malicious prodid values to extract sensitive database informatio...

FLIR Systems AX8 Cameras Cross-site Scripting (CVE-2025-5127)

A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be...

PT-2026-4820

dcap-qvl implements the quote verification logic for DCAP Data Center Attestation Primitives. A vulnerability present in versions prior to 0.3.9 involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral including qe identity,...

CVE-2026-0586

A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file handgunner-administrator/prod.php. Performing a manipulation of the argument cat results in cross site scripting. The attack is possible to be carried out...

CVE-2026-0586

A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file handgunner-administrator/prod.php. Performing a manipulation of the argument cat results in cross site scripting. The attack is possible to be carried out...

Code-Projects Online Product Reservation System 代码注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A code injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which stems from an incorrect manipulation of the parameter cat in the file...

CVE-2026-0579

CVE-2026-0579 affects Code-Projects Online Product Reservation System 1.0. A SQL injection exists in the POST Parameter Handler for /handgunner-administrator/edit.php, triggered by manipulating the arguments prod_id, name, price, model, or serial. The vulnerability is exploitable remotely and pub...

Code-Projects Online Product Reservation System 代码问题漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A code issue vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which stems from a functionality flaw in the file /handgunner-administrator/prod.php,...

PT-2026-1187

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A flaw exists in code-projects Online Product Reservation System 1.0 that allows for unrestricted file upload via manipulation of an unknown functionality within the...

Malicious Package

Overview prod-natwest is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in prod-natwest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd39817ff9b18b049493c5014a7a0d4f69bd3cf2f4f2a2aebff64453e6ca7519 The package prod-natwest was found to contain malicious code. Source: ghsa-malware efa89a8af6324d2f6726e938c72b64a0b9a1ffbe7788455e95c7ff05752aba50 A...

MAL-2025-192594 Malicious code in prod-natwest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd39817ff9b18b049493c5014a7a0d4f69bd3cf2f4f2a2aebff64453e6ca7519 The package prod-natwest was found to contain malicious code. Source: ghsa-malware efa89a8af6324d2f6726e938c72b64a0b9a1ffbe7788455e95c7ff05752aba50 A...

Malicious Package

Overview self-service-portal-prod is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2025-192288 Malicious code in self-service-portal-prod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4de1ac227f5bbfb5b8aead3c1eeccbaeaa77d15ff7575b83b4d7899c380eda The package self-service-portal-prod was found to contain malicious code. Source: ghsa-malware...