14519 matches found
CVE-2026-14717 itsourcecode Hospital Management System patientlogin.php sql injection
A vulnerability was detected in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /patientlogin.php. Performing a manipulation of the argument loginid results in sql injection. Remote exploitation of the attack is possible. The exploit is now...
CVE-2026-14701
A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/changepassword.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed...
EUVD-2026-41727
A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated...
CVE-2026-14704
CVE-2026-14704 affects the Stephen-Kruger bluebox project up to version 4.5.12. The vulnerability arises from manipulation of an unnamed argument, enabling cross-site scripting. Exploitation is possible remotely, and public PoCs exist. The issue was brought to the project’s attention via an issue...
CVE-2026-14704
A vulnerability was found in stephen-kruger bluebox up to 4.5.12. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument code results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could ...
EUVD-2026-41725
A vulnerability was found in stephen-kruger bluebox up to 4.5.12. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument code results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could ...
CVE-2026-14698
CVE-2026-14698 affects SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0, with the vulnerability in file upload_files.php allowing unrestricted file upload after input manipulation. The CVSS metrics indicate a network-accessible, low-privilege, low-impact vulnerabilit...
EUVD-2026-41723
A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2026-14695
A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveclient of the file classes/Users.php of the component Registration Handler. The manipulation of the argument Name results in sql injection. It is possible to launch the...
CVE-2026-14691
A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function updatesettingsinfo of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content leads to code injection...
CVE-2026-14690
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...
EUVD-2026-41712
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...
CVE-2026-14688
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...
EUVD-2026-41711
A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apartmentno results in sql injection. The attack may be launched remotely. The...
CVE-2026-14688
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...
EUVD-2026-41708
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...
CVE-2026-14686
Technical details about this CVE are not publicly available in the provided documents. Monitor for updates.
PT-2026-55798
Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote cross-site scripting issue exists due to improper manipulation of the argument reference within the add definition function located in the...
PT-2026-55804
Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description An issue exists in the Tour Management Page component within the '/admin/add tour.php' endpoint. Remote attackers can perform a SQL injection by manipulating the delete image...
PT-2026-55790
Name of the Vulnerable Software and Affected Versions code-projects Real State Services version 1.0 Description An issue exists in the /single-list rent.php file where manipulating the ID argument allows for remote SQL injection. SQL injection is a technique where malicious SQL statements are...