Lucene search
K

41225 matches found

NVD
NVD
added 2026/03/26 10:16 p.m.3 views

CVE-2026-4898

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The...

5.3CVSS0.00343EPSS
Exploits0References5
NVD
NVD
added 2026/03/26 10:16 p.m.7 views

CVE-2026-4899

A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The manipulation of the argument cuisines results in cross site scripting. It is possible to launch the attack remotely. The...

4.8CVSS0.00293EPSS
Exploits0References5
CVE
CVE
added 2026/03/26 9:56 p.m.7 views

CVE-2026-4900

Affects code-projects Online Food Ordering System 1.0. The vulnerability targets an unknown portion of the file /dbfood/localhost.sql, leading to potential exposure of files or directories. Exploitation appears to be useable remotely, with claims that a public exploit exists. Remediation guidance...

6.9CVSS5.8AI score0.00433EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/26 9:56 p.m.3 views

CVE-2026-4900 code-projects Online Food Ordering System localhost.sql privilege escalation

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and...

6.9CVSS5.6AI score0.00433EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 9:56 p.m.2 views

CVE-2026-4899

A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The manipulation of the argument cuisines results in cross site scripting. It is possible to launch the attack remotely. The...

4.8CVSS4.3AI score0.00293EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 9:8 p.m.1 views

CVE-2026-4898 code-projects Online Food Ordering System contact.php cross site scripting

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The...

5.3CVSS4.3AI score0.00343EPSS
Exploits0References5
CVE
CVE
added 2026/03/26 9:8 p.m.8 views

CVE-2026-4898

The CVE-2026-4898 issue affects code-projects Online Food Ordering System 1.0. It resides in an unknown function of /dbfood/contact.php where manipulating the Name parameter triggers cross-site scripting. The vulnerability is exploitable remotely, and an exploit is publicly available. No specific...

5.3CVSS4.2AI score0.00343EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/03/26 8:0 p.m.6 views

CVE-2026-2271

A flaw was found in GIMP's PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...

5.5CVSS7.1AI score0.00494EPSS
Exploits1References3
OSV
OSV
added 2026/03/26 4:34 p.m.5 views

CVE-2026-27828 EVerest: ISO15118 session_setup use-after-free can crash EVSE process

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118chargerImpl::handlesessionsetup uses v2gctx after it has been freed when ISO15118 initialization fails e.g., no IPv6 link-local address. The EVSE process can be crashed remotely by an attacker with MQTT access who issue...

6.9CVSS5.8AI score0.00286EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/26 3:30 p.m.4 views

EUVD-2026-16193

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

6.5CVSS6.6AI score0.00196EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/26 3:30 p.m.4 views

EUVD-2026-16195

A security flaw has been discovered in itsourcecode Payroll Management System up to 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS4.3AI score0.00269EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.3 views

CVE-2026-3965

A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...

6.5CVSS6AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.4 views

CVE-2026-3962

A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function rendertemplate of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...

5.3CVSS4AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.3 views

CVE-2026-3993

A security vulnerability has been detected in itsourcecode Payroll Management System 1.0. This vulnerability affects unknown code of the file /manageemployeedeductions.php. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has bee...

5.3CVSS4.1AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.5 views

CVE-2026-3984

A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file saveupathlete.php. This manipulation of the argument aname causes cross site scripting. It is possible to initiate the attack remotely. Th...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.4 views

CVE-2026-3951

A security flaw has been discovered in LockerProject Locker 0.0.0/0.0.1/0.1.0. Affected is the function authIsAwesome of the file source-code/Locker-master/Ops/registry.js of the component Error Response Handler. The manipulation of the argument ID results in cross site scripting. The attack can ...

5.3CVSS4.1AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.4 views

CVE-2026-4593

A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation causes sql injection hibernate. It is possible to...

6.5CVSS6.2AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.4 views

CVE-2026-4485

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/searchstudent.php. The manipulation of the argument Search leads to sql injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4513

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. T...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4225

A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module. Performing a manipulation of the argument Message results in cross site scripting. The attack is possible to be carried out...

4.8CVSS4AI score0.00206EPSS
Exploits0References1
Rows per page
Query Builder