Lucene search
K

7 matches found

CVE
CVE
added 2026/06/29 6:15 a.m.14 views

CVE-2026-13542

The CVE-2026-13542 entry concerns itsourcecode Hospital Management System 1.0. Affected is an unknown function in the file /doctorprofile.php where manipulation of the doctorname parameter enables SQL injection. The vulnerability can be triggered remotely, with public exploit disclosure reported ...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
CVE
CVE
added 2026/04/27 9:0 p.m.21 views

CVE-2026-7158

The CVE-2026-7158 entry concerns the dmitryglhf mcp-url-downloader project. The vulnerability affects the function _validate_url_safe in src/mcp_url_downloader/server.py and is triggered by manipulating the url argument, resulting in server-side request forgery (SSRF). The issue is exploitable re...

7.5CVSS7AI score0.00294EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/23 12:31 a.m.8 views

EUVD-2026-25137

A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host can lead to reliance on reverse dns resolution. The attack may be performed from remote. The explo...

5.3CVSS5.3AI score0.00257EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/27 10:2 a.m.4 views

CVE-2025-12260 TOTOLINK A3300R POST Parameter cstecgi.cgi setSyslogCfg stack-based overflow

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. Such manipulation of the argument enable leads to stack-based buffer overflow. It is possible to...

9CVSS8.9AI score0.0093EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/17 3:48 a.m.8 views

CVE-2025-10424

A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/facultycontroller.php. This manipulation of the argument newimage causes unrestricted upload. The attack is...

9.8CVSS6.8AI score0.00424EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.11 views

PT-2025-33439 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability was identified in the processing of the file /admin/sms setting.php. Manipulation of the uname argument leads to a SQL injection. The attack may be...

9.8CVSS7.4AI score0.00387EPSS
Exploits1References11
CVE
CVE
added 2025/08/14 11:32 p.m.28 views

CVE-2025-8989

The connected documents provide concrete details for CVE-2025-8989: a SQL injection vulnerability in SourceCodester COVID 19 Testing Management System 1.0, caused by improper handling of the mobilenumber parameter in /edit-phlebotomist.php. The issue is exploitable remotely and may affect other p...

9.8CVSS7.6AI score0.00387EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder