
41186 matches found

CVE
added 2 days ago, 9 views

CVE-2026-13532

The CVE-2026-13532 entry concerns itsourcecode Hospital Management System 1.0. Affected component: /departmentDoctor.php; vulnerable parameter: deptid, enabling SQL injection remotely. Exploit appears publicly available. No remediation details are provided in the supplied documents.

6.5 CVSS | 6.5 AI score | 0.00204 EPSS
Exploits 0 | References 6
Cvelist
added 2 days ago, 31 views

CVE-2026-13532 itsourcecode Hospital Management System departmentDoctor.php sql injection

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /departmentDoctor.php. This manipulation of the argument deptid causes sql injection. It is possible to initiate the attack remotely. The exploit h...

6.5 CVSS | 0.00204 EPSS
Exploits 0 | References 6
EUVD
added 2 days ago, 9 views

EUVD-2026-40028

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public a...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6
ATTACKERKB
added 2 days ago, 5 views

CVE-2026-13531

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public a...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6 | Affected Software 1
CVE
added 2 days ago, 11 views

CVE-2026-13531

CVE-2026-13531 concerns itsourcecode Hospital Management System 1.0. Affected is an unknown function in the file /department.php where manipulation of the argument editid leads to a SQL injection. The vulnerability can be exploited remotely, and the exploit has been released publicly. Public expl...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6
NVD
added 2 days ago, 8 views

CVE-2026-13524

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

6.3 CVSS | 0.00264 EPSS
Exploits 0 | References 7
CVE
added 2 days ago, 9 views

CVE-2026-13530

The vulnerability CVE-2026-13530 affects itsourcecode Hospital Management System 1.0, specifically the Appointment Handler component through the file /appointmentdetail.php. The issue arises from manipulating the argument editid, leading to an SQL injection. Evidence indicates the attack can be c...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6
EUVD
added 2 days ago, 6 views

EUVD-2026-40027

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotel...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6
CVE
added 2 days ago, 12 views

CVE-2026-13529

CVE-2026-13529: In YzmCMS (up to v7.5), a vulnerability affects an unknown function in /application/install/index.php where manipulating the siteurl parameter can cause SQL injection. The issue is exploitable remotely with high attack complexity and partial confidentiality/integrity/availability...

6.3 CVSS | 5.8 AI score | 0.00239 EPSS
Exploits 0 | References 5
Cvelist
added 2 days ago, 36 views

CVE-2026-13529 YzmCMS index.php sql injection

A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack...

6.3 CVSS | 0.00239 EPSS
Exploits 0 | References 5
RedHat Linux
added 2 days ago, 5 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5 CVSS | 6.1 AI score | 0.01263 EPSS
Exploits 0 | References 4
RedHat Linux
added 2 days ago, 4 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5 CVSS | 6.1 AI score | 0.01263 EPSS
Exploits 0 | References 4
CVE
added 2 days ago, 11 views

CVE-2026-13527

CVE-2026-13527 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is in an unknown function within /preview4.php where manipulating the argument course_year_section enables SQL injection. The attack can be launched remotely, and the exploit has been disclosed publicly...

7.5 CVSS | 6.9 AI score | 0.00263 EPSS
Exploits 0 | References 6
NVD
added 2 days ago, 8 views

CVE-2026-13522

A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is...

5.3 CVSS | 0.00293 EPSS
Exploits 0 | References 4
EUVD
added 2 days ago, 9 views

EUVD-2026-40023

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_class.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

7.5 CVSS | 5.7 AI score | 0.00263 EPSS
Exploits 0 | References 6
CVE
added 2 days ago, 9 views

CVE-2026-13526

SourceCodester Class and Exam Timetabling System 1.0 is affected by an SQL injection in /edit_class.php via the ID parameter. The flaw arises from manipulating the ID argument, enabling remote exploitation. The exploit has been published and may be used. No remediation details are provided in the...

7.5 CVSS | 6.9 AI score | 0.00263 EPSS
Exploits 0 | References 6
Cvelist
added 2 days ago, 33 views

CVE-2026-13526 SourceCodester Class and Exam Timetabling System edit_class.php sql injection

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_class.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

7.5 CVSS | 0.00263 EPSS
Exploits 0 | References 6
EUVD
added 2 days ago, 7 views

EUVD-2026-40022

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employee_model.php of the component Update_Earn_Leave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...

6.5 CVSS | 5.7 AI score | 0.002 EPSS
Exploits 0 | References 6
ATTACKERKB
added 2 days ago, 5 views

CVE-2026-13525

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employee_model.php of the component Update_Earn_Leave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6 | Affected Software 1
CVE
added 2 days ago, 12 views

CVE-2026-13525

CodeAstro Human Resource Management System 1.0 contains a SQL injection in Update_Earn_Leave Endpoint, specifically in Employee_model.php emselectByCode via the emid parameter. The vulnerability arises from unsanitized input leading to SQL injection, enabling remote exploitation. Public exploit a...

6.5 CVSS | 6.5 AI score | 0.002 EPSS
Exploits 0 | References 6