CVE-2026-1196 MineAdmin getFileInfoById information disclosure
A security vulnerability has been detected in MineAdmin 1.x/2.x. Affected is an unknown function of the file /system/getFileInfoById. Such manipulation of the argument ID leads to information disclosure. It is possible to launch the attack remotely. The attack requires a high level of complexity...
GHSA-7F7M-83R3-P644 MineAdmin May Expose Sensitive Information to an Unauthorized Actor
A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was...
CVE-2026-1195
Summary: CVE-2026-1195 affects MineAdmin 1.x/2.x, specifically the JWT Token Handler’s /system/refresh function. The issue is insufficient verification of data authenticity, enabling a remote attack with high complexity; exploitation has been publicly disclosed. Multiple sources consistently desc...
CVE-2026-1195 MineAdmin JWT Token refresh data authenticity
A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...
CVE-2025-66803
Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays e.g. delaying requests based on sequence or...
ROS-20260120-7337
A vulnerability in the skbget function of the Linux kernel is related to incorrect resource locking. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
PT-2026-3521
Name of the Vulnerable Software and Affected Versions: MineAdmin versions 1.x through 2.x. Description: A flaw exists in MineAdmin that allows information disclosure. This occurs due to manipulation of the ID argument within the /system/downloadById file. The attack can be initiated remotely and is...
PT-2026-3519
Name of the Vulnerable Software and Affected Versions: MineAdmin versions 1.x and 2.x. Description: A weakness exists due to insufficient verification of data authenticity within the JWT Token Handler component. This issue affects the refresh function of the /system/refresh file. The attack can be...
PT-2026-3525
A weakness has been identified in CRMEB up to 5.6.3. The impacted element is the function remoteRegister of the file crmeb/app/services/user/LoginServices.php of the component JSON Token Handler. Executing a manipulation of the argument uid can lead to improper authentication. The attack may be...
PT-2026-3524
Name of the Vulnerable Software and Affected Versions: CRMEB versions prior to 5.6.4. Description: A security flaw exists in CRMEB that allows improper authentication. This is due to manipulation of the openId argument within the appleLogin function located in the file...
CVE-2026-1194
The CVE-2026-1194 entry concerns MineAdmin 1.x/2.x, specifically a vulnerability in the Swagger component that leads to information disclosure. The issue is remotely exploitable and has a publicly released exploit; an attacker may access sensitive information via the Swagger function. Affected produ...
CVE-2026-1177
A weakness has been identified in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /kmf/save_folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. It is possible to launch the atta...
CVE-2026-1177 Yonyou KSOA HTTP GET Parameter save_folder.jsp sql injection
A weakness has been identified in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /kmf/save_folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. It is possible to launch the atta...
CVE-2026-1176
A security flaw has been discovered in itsourcecode School Management System 1.0. Affected is an unknown function of the file /subject/index.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to...
CVE-2026-1176
CVE-2026-1176 affects itsourcecode School Management System 1.0. The vulnerability is in the file /subject/index.php where manipulating the argument ID enables remote SQL injection. The description indicates the exploit is publicly available, implying potential in-the-wild use. No specific patch ...
CVE-2026-1175
A vulnerability was identified in birkir prime up to 0.4.0.beta.0. This impacts an unknown function of the file /graphql of the component GraphQL Directive Handler. Such manipulation leads to information exposure through error message. The attack may be performed from remote. The exploit is...
EUVD-2026-3194
A vulnerability was identified in birkir prime up to 0.4.0.beta.0. This impacts an unknown function of the file /graphql of the component GraphQL Directive Handler. Such manipulation leads to information exposure through error message. The attack may be performed from remote. The exploit is...
CVE-2026-1173
A vulnerability was found in birkir prime up to 0.4.0.beta.0. The impacted element is an unknown function of the file /graphql of the component GraphQL Array Based Query Batch Handler. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been made...
CVE-2026-1171 birkir prime GraphQL Field graphql denial of service
A flaw has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been published and may be used. The...
CVE-2026-1171
A flaw has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been published and may be used. The...