Lucene search
K

14343 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-13569

A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument clicklike leads to sql injection. The attack can be executed remotely. The exploit has been...

5.8CVSS5.6AI score0.0021EPSS
Exploits0References7Affected Software1
NVD
NVD
added 4 days ago7 views

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS0.00751EPSS
Exploits0References5
NVD
NVD
added 4 days ago6 views

CVE-2026-13558

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

5.1CVSS0.00328EPSS
Exploits0References6
CVE
CVE
added 4 days ago8 views

CVE-2026-13566

SourceCodester Class and Exam Timetabling System 1.0 contains an SQL injection in the /preview3.php script triggered by manipulating the course_year_section parameter. The issue is exploitable remotely, with a publicly available exploit. The provided documents do not specify the vulnerable hostin...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.9AI score0.00751EPSS
Exploits0References5Affected Software1
CVE
CVE
added 4 days ago9 views

CVE-2026-13561

Edimax EW-7478APC 1.04 is affected by CVE-2026-13561 in the formiNICbasic function of /goform/formiNICbasic within the POST Request Handler. The rootAPmac argument can be manipulated to achieve OS command injection, with remote execution possible as per the description. The exploit is public and ...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-40070

A weakness has been identified in code-projects Real State Services 1.0. Impacted is an unknown function of the file /single-listsale.php?action=add. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-40067

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation o...

5.1CVSS4.5AI score0.00328EPSS
Exploits0References6
CVE
CVE
added 4 days ago9 views

CVE-2026-13558

CVE-2026-13558 concerns CodeAstro Complaint Management System 1.0. The flaw is in the Report Handler’s /report/addreport flow, where manipulating the Report Title argument enables cross-site scripting (XSS). Exploitation is possible remotely and the exploit has been publicly released. The availab...

5.1CVSS4.5AI score0.00328EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-40059

A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/modusers/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be...

5.3CVSS4.4AI score0.00443EPSS
Exploits0References6
NVD
NVD
added 4 days ago8 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS0.00383EPSS
Exploits0References5
NVD
NVD
added 4 days ago10 views

CVE-2026-13548

A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 4 days ago10 views

CVE-2026-13549

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotel...

6.4CVSS0.00293EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-13552

A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/modamenities/controller.php?action=edit. Performing a manipulation of the argument amenid results in sql injection. It is possible to initiate the attack remotely...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-40055

A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been mad...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
CVE
CVE
added 4 days ago13 views

CVE-2026-13549

CodeAstro Complaint Management System 1.0 has a vulnerability in the Report Endpoint, specifically the deletereport function in application/controllers/Report.php. The manipulation of this function results in authorization bypass and can be exploited remotely; evidence indicates the exploit is pu...

6.4CVSS5.8AI score0.00293EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-40048

A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
NVD
NVD
added 4 days ago9 views

CVE-2026-13543

A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication. It is possible to...

6.3CVSS0.00364EPSS
Exploits0References7
NVD
NVD
added 4 days ago12 views

CVE-2026-13541

A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be performed from remote. The exploit has been made...

6.5CVSS0.002EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS5.5AI score0.00383EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder