CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/27 11:30 a.m.•5 views

EUVD-2026-25834

A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injection. The attack may be performed from remote. The exploit is now public and may be used...

9CVSS7.7AI score0.03269EPSS

Exploits1References5

Cvelist•added 2026/04/27 11:30 a.m.•26 views

CVE-2026-7119 Tenda HG3 formCountrystr os command injection

9CVSS0.03269EPSS

Exploits1References5

ATTACKERKB•added 2026/04/27 11:30 a.m.•6 views

CVE-2026-7119

9CVSS7.8AI score0.03269EPSS

Exploits1References5Affected Software1

NVD•added 2026/04/27 11:16 a.m.•9 views

CVE-2026-7115

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

NVD•added 2026/04/27 11:16 a.m.•4 views

CVE-2026-7114

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...

Cvelist•added 2026/04/27 11:15 a.m.•31 views

CVE-2026-7118 code-projects Employee Management System cancel.php sql injection

A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The explo...

Cvelist•added 2026/04/27 11:0 a.m.•31 views

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

Vulnrichment•added 2026/04/27 11:0 a.m.•4 views

CVE-2026-7117 code-projects Employee Management System approve.php sql injection

6.5CVSS6.5AI score0.00192EPSS

CVE•added 2026/04/27 10:45 a.m.•9 views

CVE-2026-7116

CVE-2026-7116 affects code-projects Employee Management System 1.0, specifically the file 370project/mark.php. An input manipulation leads to cross-site scripting (XSS) with remote exploitation possible. Exploit appears publicly available. CVSS metrics indicate MEDIUM severity (up to 5.3 on CVSS4...

5.3CVSS4AI score0.00273EPSS

CVE•added 2026/04/27 10:30 a.m.•16 views

CVE-2026-7115

CVE-2026-7115 affects code-projects Employee Management System 1.0, with a vulnerability in the file 370project/delete.php. The issue arises from manipulating the argument ID, allowing SQL injection. Attacks may be launched remotely, and the exploit is publicly available. Current documents do not...

6.5CVSS6.6AI score0.00192EPSS

Cvelist•added 2026/04/27 10:30 a.m.•30 views

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

Vulnrichment•added 2026/04/27 10:30 a.m.•3 views

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

6.5CVSS6.6AI score0.00192EPSS

NVD•added 2026/04/27 10:16 a.m.•6 views

CVE-2026-7109

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and...

6.9CVSS0.00286EPSS

ATTACKERKB•added 2026/04/27 10:0 a.m.•3 views

CVE-2026-7113

A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component Webhooks Endpoint. The manipulation of the argument INSECURENOAUTH results in missing authentication. The attack can be...

6.3CVSS5.1AI score0.00362EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/04/27 10:0 a.m.•4 views

CVE-2026-7113 NousResearch hermes-agent Webhooks Endpoint webhook.py missing authentication

6.3CVSS5.2AI score0.00362EPSS

CVE•added 2026/04/27 10:0 a.m.•42 views

CVE-2026-7113

CVE-2026-7113 affects NousResearch hermes-agent 0.8.0, specifically the Webhooks Endpoint in gateway/platforms/webhook.py. The issue arises from manipulating the argument _INSECURE_NO_AUTH, resulting in missing authentication and enabling a remote attack. The description notes high attack complex...

6.3CVSS5.2AI score0.00362EPSS

CVE•added 2026/04/27 9:45 a.m.•14 views

CVE-2026-7112

CVE-2026-7112 affects NousResearch hermes-agent 0.8.0. The vulnerability is in the API_SERVER_KEY Handler’s function _check_auth within gateway/platforms/api_server.py, causing improper authentication. It can be triggered remotely, with a high attack complexity and partial confidentiality/integri...

6.3CVSS5.2AI score0.0036EPSS

CVE•added 2026/04/27 9:30 a.m.•9 views

CVE-2026-7110

CVE-2026-7110 concerns code-projects Invoice System (Laravel 1.0). The vulnerability arises from an unspecified function in the /item file where manipulation of the item name/description parameter can trigger cross-site scripting. The issue is exploitable remotely, and an exploit has been publish...

5.1CVSS3.6AI score0.00191EPSS

Vulnrichment•added 2026/04/27 9:30 a.m.•1 views

CVE-2026-7110 code-projects Invoice System in Laravel item cross site scripting

A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Executing a manipulation of the argument item name/description can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published an...

5.1CVSS3.4AI score0.00191EPSS