Lucene search
K

41189 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-13570

A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an unknown function of the file /api/usershandler.php of the component User Registration Endpoint. Performing a manipulation of the argument fullname results in cross site scripting. The attack is possible...

5.1CVSS0.00191EPSS
Exploits0References5
NVD
NVD
added 2 days ago6 views

CVE-2026-13569

A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument clicklike leads to sql injection. The attack can be executed remotely. The exploit has been...

5.8CVSS0.0021EPSS
Exploits0References7
NVD
NVD
added 2 days ago8 views

CVE-2026-13565

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /editclass1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2 days ago9 views

CVE-2026-13566

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /preview3.php. The manipulation of the argument courseyearsection leads to sql injection. The attack may be initiated remotely. The exploit is...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40095

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument itemprice can lead to business logic errors. The attack may be performed from remote. The exploit has been published...

6.9CVSS5.7AI score0.00383EPSS
Exploits0References6
CVE
CVE
added 2 days ago13 views

CVE-2026-13570

The CVE-2026-13570 entry concerns SourceCodester Inventory Management System 1.0 and affects the User Registration Endpoint, specifically the /api/users_handler.php function where manipulating the full_name parameter leads to cross-site scripting. The vulnerability is exploitable remotely, with p...

5.1CVSS4.4AI score0.00191EPSS
Exploits0References5
CVE
CVE
added 2 days ago11 views

CVE-2026-13569

The CVE-2026-13569 entry concerns weng-xianhu EyouCMS (up to version 1.7.1). A vulnerability in the API’s /index.php processing of the click_like argument enables SQL injection. The issue can be exploited remotely and public exploit information has been disclosed. The documents do not provide a p...

5.8CVSS5.6AI score0.0021EPSS
Exploits0References7
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-13569 weng-xianhu EyouCMS API index.php sql injection

A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument clicklike leads to sql injection. The attack can be executed remotely. The exploit has been...

5.8CVSS0.0021EPSS
Exploits0References7
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-40089

A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument clicklike leads to sql injection. The attack can be executed remotely. The exploit has been...

5.8CVSS5.6AI score0.0021EPSS
Exploits0References7
CVE
CVE
added 2 days ago10 views

CVE-2026-13567

The CVE-2026-13567 entry affects code-projects Online Music Site 1.0 in the POST Request Handler’s /Frontend/Feedback.php. An attacker can manipulate parameters fname, femail, faddress, or fmessage to trigger cross-site scripting. The issue is remote-present with a publicly released exploit (Proo...

5.3CVSS4.4AI score0.00273EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-13567 code-projects Online Music Site POST Request Feedback.php cross site scripting

A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an unknown part of the file /Frontend/Feedback.php of the component POST Request Handler. The manipulation of the argument fname/femail/faddress/fmessage results in cross site scripting. The attack may be...

5.3CVSS0.00273EPSS
Exploits0References6
NVD
NVD
added 2 days ago6 views

CVE-2026-13561

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...

6.5CVSS0.01158EPSS
Exploits0References5
NVD
NVD
added 2 days ago8 views

CVE-2026-13562

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS0.00445EPSS
Exploits0References5
NVD
NVD
added 2 days ago5 views

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS0.00751EPSS
Exploits0References5
NVD
NVD
added 2 days ago5 views

CVE-2026-13563

A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based buffer overflow. It is possible to launch the attack...

9CVSS0.00445EPSS
Exploits0References5
CVE
CVE
added 2 days ago8 views

CVE-2026-13566

SourceCodester Class and Exam Timetabling System 1.0 contains an SQL injection in the /preview3.php script triggered by manipulating the course_year_section parameter. The issue is exploitable remotely, with a publicly available exploit. The provided documents do not specify the vulnerable hostin...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-40077

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /preview3.php. The manipulation of the argument courseyearsection leads to sql injection. The attack may be initiated remotely. The exploit is...

7.5CVSS7AI score0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-13566 SourceCodester Class and Exam Timetabling System preview3.php sql injection

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /preview3.php. The manipulation of the argument courseyearsection leads to sql injection. The attack may be initiated remotely. The exploit is...

7.5CVSS0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-13565

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /editclass1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The...

7.5CVSS7AI score0.00263EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40075

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.9AI score0.00751EPSS
Exploits0References5
Rows per page
Query Builder