Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40913 matches found

EUVD
EUVDadded 2026/05/25 12:30 a.m.9 views

EUVD-2026-31612

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/25 12:30 a.m.31 views

CVE-2026-9410 Sushmi-pal Invoice-System Profile Workflow profile improper authorization

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS0.00257EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 12:30 a.m.7 views

CVE-2026-9410 Sushmi-pal Invoice-System Profile Workflow profile improper authorization

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
CVE
CVEadded 2026/05/25 12:15 a.m.18 views

CVE-2026-9409

Sushmi-pal Invoice-System contains a flaw in the User Management Handler, affecting an unknown portion of the /user file. Manipulation of the role argument allows improper authorization, enabling a remote attack. The exploit has been published, and the product uses a rolling release with no versi...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/25 12:15 a.m.10 views

EUVD-2026-31611

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 12:15 a.m.6 views

CVE-2026-9409 Sushmi-pal Invoice-System User Management user improper authorization

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 12:0 a.m.6 views

CVE-2026-9408 Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

10CVSS7AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.12 views

PT-2026-42980

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.11 views

PT-2026-42981

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

5.3CVSS5.4AI score0.00257EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.14 views

PT-2026-42998

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

7.5CVSS6.3AI score0.00309EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.9 views

PT-2026-42995

A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public an...

5.3CVSS4.3AI score0.00336EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.9 views

PT-2026-43012

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...

10CVSS7AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.9 views

PT-2026-43011

A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. This issue affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument enable causes os command injection. The attack may be initiated...

10CVSS7AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.9 views

PT-2026-43008

A vulnerability was found in Tenda F1202 1.2.0.20408. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS7.8AI score0.00579EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.7 views

PT-2026-43007

A vulnerability has been found in Tenda F1202 1.2.0.20408. Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the...

9CVSS7.7AI score0.00579EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.11 views

PT-2026-43029

Name of the Vulnerable Software and Affected Versions SourceCodester Simple POS and Inventory System version 1.0 Description An issue exists in the GET Parameter Handler component where the delete function within the '/admin/deleteproduct.php' endpoint is susceptible to SQL injection. This occurs...

5.8CVSS5.8AI score0.00318EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.8 views

PT-2026-43042

A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS7AI score0.02135EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.10 views

PT-2026-43039

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

7.5CVSS6.7AI score0.01549EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.8 views

PT-2026-43048

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max Conn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS7.8AI score0.00751EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.8 views

PT-2026-43088

A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. Th...

6.5CVSS6.2AI score0.00337EPSS
Exploits0References5
Rows per page
Query Builder