Lucene search
K

41209 matches found

RedhatCVE
RedhatCVE
added 2026/03/28 11:10 p.m.5 views

CVE-2026-4988

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...

6.3CVSS5.5AI score0.00566EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:10 p.m.3 views

CVE-2026-4992

A flaw has been found in wandb OpenUI up to 1.0. This affects the function createshare/getshare of the file backend/openui/server.py of the component HTMLAnnotator Component. Executing a manipulation of the argument ID can lead to HTML injection. The attack may be performed from remote. The explo...

5.3CVSS5.5AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.3 views

CVE-2026-4974

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.8AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.5 views

CVE-2026-4975

A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has...

9CVSS7.9AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.2 views

CVE-2026-4972

A security vulnerability has been detected in code-projects Online Reviewer System up to 1.0. Affected is an unknown function of the file /system/system/students/assessments/databank/btnfunctions.php. Such manipulation of the argument Description leads to cross site scripting. The attack may be...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.3 views

CVE-2026-4990

A security vulnerability has been detected in chatwoot up to 4.11.1. The affected element is an unknown function of the file /app/login of the component Signup Endpoint. Such manipulation of the argument signupEnabled with the input true leads to improper authorization. The attack can be executed...

7.5CVSS6.6AI score0.0035EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/28 10:30 p.m.4 views

CVE-2026-5018 code-projects Simple Food Order System Parameter register-router.php sql injection

A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The explo...

7.5CVSS5.8AI score0.00345EPSS
Exploits1References5
CVE
CVE
added 2026/03/28 10:30 p.m.22 views

CVE-2026-5017

CVE-2026-5017 affects code-projects Simple Food Order System 1.0, specifically the Parameter Handler’s file /all-tickets.php. Affected behavior: manipulation of the Status parameter can cause SQL injection, with remote exploitation and the exploit publicly released. Remediation guidance present i...

9.8CVSS6.9AI score0.00333EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/03/28 10:15 p.m.4 views

CVE-2026-5016

A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly availabl...

7.5CVSS0.003EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/28 9:45 p.m.1 views

CVE-2026-5016 elecV2 elecV2P URL mock eAxios server-side request forgery

A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly availabl...

7.5CVSS5.6AI score0.003EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/28 9:33 p.m.5 views

EUVD-2026-16949

A vulnerability was determined in elecV2 elecV2P up to 3.8.3. The impacted element is an unknown function of the file /logs of the component Endpoint. This manipulation of the argument filename causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS4.3AI score0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/28 9:33 p.m.6 views

EUVD-2026-16947

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS5.4AI score0.00449EPSS
Exploits0References6
NVD
NVD
added 2026/03/28 9:17 p.m.6 views

CVE-2026-5014

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS0.00449EPSS
Exploits0References5
NVD
NVD
added 2026/03/28 9:17 p.m.5 views

CVE-2026-5015

A vulnerability was determined in elecV2 elecV2P up to 3.8.3. The impacted element is an unknown function of the file /logs of the component Endpoint. This manipulation of the argument filename causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS0.00263EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/28 9:0 p.m.4 views

CVE-2026-5014

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS5.4AI score0.00449EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/28 9:0 p.m.29 views

CVE-2026-5014 elecV2 elecV2P Wildcard log path.join path traversal

A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The...

6.9CVSS0.00449EPSS
Exploits0References5
NVD
NVD
added 2026/03/28 8:16 p.m.2 views

CVE-2026-5013

A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument URL leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used...

6.9CVSS0.00591EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/28 8:0 p.m.26 views

CVE-2026-5013 elecV2 elecV2P :key path.join path traversal

A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument URL leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used...

6.9CVSS0.00591EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/28 8:0 p.m.6 views

CVE-2026-5013

A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument URL leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used...

6.9CVSS5.5AI score0.00591EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/03/28 8:0 p.m.13 views

CVE-2026-5013

CVE-2026-5013 affects elecV2 elecV2P up to version 3.8.3. The vulnerability is a path traversal in the path.join usage of the /store/:key file, triggered by manipulating the URL argument. It is a remote vulnerability with publicly disclosed exploit information. The reports indicate the project wa...

6.9CVSS5.7AI score0.00591EPSS
Exploits0References5
Rows per page
Query Builder