41167 matches found
CVE-2026-5565
CVE-2026-5565 affects code-projects Simple Laundry System 1.0. The vulnerability is in the Parameter Handler’s /delmemberinfo.php, where manipulating the userid parameter leads to SQL injection. It can be exploited remotely, and the exploit has been publicly disclosed. The connected sources confi...
CVE-2026-5565 code-projects Simple Laundry System Parameter delmemberinfo.php sql injection
A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...
CVE-2026-5565
A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...
CVE-2026-5564 code-projects Simple Laundry System Parameter searchguest.php sql injection
A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The attack may be initiate...
CVE-2026-5559
A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...
CVE-2026-5563
A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released...
CVE-2026-5562 provectus kafka-ui Endpoint testexecutions validateAccess code injection
A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and...
CVE-2026-5562
Provectus Kafka-UI
CVE-2026-5560
CVE-2026-5560 concerns PHPGurukul Online Shopping Portal Project 2.1. The vulnerable element is an unknown function in /payment-method.php within the Parameter Handler component. A manipulated paymethod argument enables SQL injection, with remote exploit possibility and a publicly available explo...
CVE-2026-5560 PHPGurukul Online Shopping Portal Project Parameter payment-method.php sql injection
A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...
CVE-2026-5557
A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...
CVE-2026-5559 AntaresMugisho PyBlade AST Validation sandbox.py _is_safe_ast special elements used in a template engine
A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...
CVE-2026-5559 AntaresMugisho PyBlade AST Validation sandbox.py _is_safe_ast special elements used in a template engine
A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...
CVE-2026-5559
AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha is affected by a vulnerability in sandbox.py:_is_safe_ast within the AST Validation component. The flaw enables improper neutralization of special elements in the template engine, with remote-exploitation potential. Exploit has been disclosed publicl...
CVE-2026-5558
A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely...
CVE-2026-5558
CVE-2026-5558 affects PHPGurukul Online Shopping Portal Project up to 2.1. The vulnerability is in an unknown function of /pending-orders.php (Parameter Handler). Manipulating the argument ID leads to SQL injection, enabling remote exploitation. The exploit has been published; CVSS indicates medi...
CVE-2026-5557 badlogic pi-mono pi-mom Slack Bot slack.ts authentication bypass
A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...
CVE-2026-5557
A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...
CVE-2026-5557 badlogic pi-mono pi-mom Slack Bot slack.ts authentication bypass
A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...
CVE-2026-5557
The CVE-2026-5557 entry concerns badlogic pi-mono up to version 0.58.4, affecting the pi-mom Slack Bot component’s file packages/mom/src/slack.ts. The documented issue results in an authentication bypass via an alternate channel, with remote execution possible. Public exploitation is noted. No ve...