41186 matches found
EUVD-2026-17733
A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /viewemployee.php of the component Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed...
EUVD-2026-17688
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...
CVE-2026-5238
A weakness has been identified in itsourcecode Payroll Management System 1.0. Affected by this issue is some unknown functionality of the file /viewemployee.php of the component Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed...
PT-2026-29639
Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.26 Description A flaw exists in Nothings stb, specifically within the TTF File Handler component, impacting the stbtt InitFont internal function in the stb truetype.h library. A manipulation of the function can le...
PT-2026-29471
A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in cross site scripting. The attack may be launched remotely. The exploit is now...
PT-2026-29481
A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to...
PT-2026-29483
A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit i...
ROS-20260401-73-0045
Vulnerability in salt related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...
ROS-20260401-73-0027
Vulnerability in libpng related to buffer copying without checking input size. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
PT-2026-29477
A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function get file of the file iopaint/file manager/file manager.py of the component File Manager. Performing a manipulation of the argument filename results in path traversal. The attack is possible to be carried out remotely. Th...
PT-2026-29448
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...
PT-2026-29446
A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument isAdmin with the input 1 leads to dynamically-determined object attributes. It is possible to launch...
PT-2026-29449
A security vulnerability has been detected in welovemedia FFmate up to 2.0.15. Affected by this issue is some unknown functionality of the file /ui/app/components/AppJsonTreeView.vue of the component Webhook Handler. The manipulation leads to cross site scripting. The attack may be initiated...
PT-2026-29475
A vulnerability has been found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /delstaffinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit...
CVE-2026-5240 code-projects BloodBank Managing System admin_state.php cross site scripting
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-5237
A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /manageuser.php of the component Parameter Handler. Performing a manipulation of the argument ID results in sql injection. The attack is possib...
CVE-2026-5237
Affected software: itsourcecode Payroll Management System 1.0. The vulnerability resides in the Parameter Handler, specifically affecting the /manage_user.php file. A crafted manipulation of the ID parameter enables an SQL injection, with remote exploitation possible. Public exploit exists, indic...
CVE-2026-5154
A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the attack is possible...
CVE-2026-5155
A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been mad...
CVE-2026-5153
A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...