Lucene search
K

14410 matches found

CVE
CVE
added 1 hour ago3 views

CVE-2026-14796

CVE-2026-14796 affects CodeAstro Apartment Visitor Management System 1.0. Affected component: /apartment-visitor/report.php; vulnerability: SQL injection triggered by manipulating the fromdate parameter. Attackable remotely over network with no user interaction; attacker privileges required: LOW....

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 2 hours ago5 views

EUVD-2026-41802

A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note Handler. Executing a manipulation of the argument notes can lead to cross site scripting. The attac...

5.1CVSS4.1AI score
Exploits0References7
CVE
CVE
added 4 hours ago5 views

CVE-2026-14789

Radare2 (radareorg) up to 6.1.6 has a stack-based buffer overflow in libr/bin/format/mdmp/mdmp.c of the Memory64ListStream Parser. The vulnerability requires local access; an exploit is public. Patch: 175d4addb68981331c85b10681c2161c38fb5762. Apply the official patch to address the issue.

4.8CVSS6.2AI score
Exploits0References7
CVE
CVE
added 5 hours ago7 views

CVE-2026-14786

The CVE affects radare2 (radareorg) up to version 6.1.6. The vulnerability is in the function r_str_word_get0set within libr/util/str.c, where input handling leads to an integer overflow. Exploitation requires local access, and exploitation details are publicly available via the referenced commit...

4.8CVSS5.7AI score
Exploits0References7
EUVD
EUVD
added 5 hours ago6 views

EUVD-2026-41791

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS5.6AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-14776

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS6.3AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14773

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS6.5AI score
Exploits0References6Affected Software1
EUVD
EUVD
added yesterday6 views

EUVD-2026-41780

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS6.9AI score
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-41779

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly...

7.5CVSS6.8AI score
Exploits0References6
CVE
CVE
added yesterday7 views

CVE-2026-14768

CVE-2026-14768 affects code-projects Real State Services 1.0 and concerns the file /builderHome.php. The vulnerability arises from manipulation of the argument loc, enabling SQL injection. It is executable remotely and the exploit has been made publicly available. Documents do not specify the vul...

7.5CVSS6.8AI score
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-41778

A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument loc causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...

7.5CVSS6.8AI score
Exploits0References6
CVE
CVE
added yesterday7 views

CVE-2026-14767

CodeAstro Ecommerce Website 1.0 contains a SQL injection in the POST Parameter Handler within /ecommerce-website-php/customer/confirm.php (invoice_no). The vulnerability can be triggered remotely; the exploit has been released publicly. The CVSS-derived metrics in the sources indicate network att...

6.5CVSS6.5AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-14767

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of the argument invoiceno results in sql injection. The attack can be executed...

6.5CVSS6.5AI score
Exploits0References6Affected Software1
EUVD
EUVD
added yesterday7 views

EUVD-2026-41776

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql injection...

6.5CVSS5.8AI score
Exploits0References6
EUVD
EUVD
added yesterday7 views

EUVD-2026-41772

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14762

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score
Exploits0References6Affected Software1
EUVD
EUVD
added yesterday7 views

EUVD-2026-41771

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be...

4.8CVSS5.2AI score
Exploits0References7
CVE
CVE
added yesterday12 views

CVE-2026-14759

radareorg radare2 up to 6.1.6 is affected by a heap-based overflow in r_bin_java_inner_classes_attr_calc_size (shlr/java/class.c). The vulnerability is triggered via local manipulation of input and has a public exploit; a patch (commit cd62d15a6cbecdc67fd03f3ebdbbbeb741d18f87) is available to fix...

4.8CVSS6.1AI score
Exploits0References7
EUVD
EUVD
added yesterday7 views

EUVD-2026-41769

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack...

4.8CVSS6.1AI score
Exploits0References7
EUVD
EUVD
added yesterday8 views

EUVD-2026-41763

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/addtour.php of the component Tour Management Page. The manipulation of the argument deleteimage results in sql injection. The attack may be launche...

7.5CVSS6.7AI score
Exploits0References6
Rows per page
Query Builder