CVE-2026-6163 code-projects Lost and Found Thing Management catageory.php sql injection

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2026-6163

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

CVE-2026-6163

CVE-2026-6163 : In code-projects Lost and Found Thing Management 1.0, manipulation of the argument cat in /catageory.php enables SQL injection via an unsanitized input parameter. The issue is exploitable remotely and the exploit is publicly available. The CVSS metrics in the connected documents i...

CVE-2026-6162

CVE-2026-6162 affects PHPGurukul Company Visitor Management System 2.0. The vulnerability lies in the file /bwdates-reports-details.php where manipulating the argument fromdate leads to Cross-Site Scripting (XSS) . Exploitation is possible remotely and the exploit has been disclosed publicly. Bas...

CVE-2026-6161 code-projects Simple ChatBox Endpoint insert.php sql injection

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-6161 code-projects Simple ChatBox Endpoint insert.php sql injection

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-6160

The CVE-2026-6160 entry concerns code-projects Simple ChatBox 1.0. The vulnerability affects the Endpoint component, specifically the function SimpleChatbox_PHP in the chatbox.sql file, where manipulation can cause file and directory information disclosure. Attacks can be initiated remotely, and ...

CVE-2026-6157

A vulnerability was detected in Totolink A800R 4.1.2cu.5137B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and...

CVE-2026-6159

CVE-2026-6159 affects code-projects Simple ChatBox up to version 1.0. The vulnerability is in the Endpoint component’s file /chatbox/insert.php where manipulating the msg parameter leads to a cross-site scripting (XSS) issue. It can be triggered remotely and exploitation has been publicly disclos...

CVE-2026-6159 code-projects Simple ChatBox Endpoint insert.php cross site scripting

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

CVE-2026-6159

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from...

CVE-2026-6158 Totolink N300RH upgrade.so setUpgradeUboot os command injection

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-6157

A vulnerability was detected in Totolink A800R 4.1.2cu.5137B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and...

CVE-2026-6157 Totolink A800R app.so setAppEasyWizardConfig buffer overflow

A vulnerability was detected in Totolink A800R 4.1.2cu.5137B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and...

CVE-2026-6157 Totolink A800R app.so setAppEasyWizardConfig buffer overflow

A vulnerability was detected in Totolink A800R 4.1.2cu.5137B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and...

CVE-2026-6157

Totolink A800R 4.1.2cu.5137_B20200730 is affected by a buffer overflow in setAppEasyWizardConfig inside /lib/cste_modules/app.so. The apcliSsid argument can be manipulated to trigger the overflow, enabling a remote attack. Public exploits exist, and multiple trusted sources (NVD/NVD-derived entri...

EUVD-2026-21773

A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer. The manipulation results in permissive cross-domain policy with untrusted domains. The attack can ...

EUVD-2026-21778

A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the argument STAFFID causes sql injection. The attack can be initiated remotely. The exploit has been...

EUVD-2026-21780

A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...

EUVD-2026-21774

A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCHID results in sql injection. The attack is possibl...