Lucene search
K

41225 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4238

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS5.8AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.2 views

CVE-2026-4171

A security vulnerability has been detected in CodeGenieApp serverless-express up to 4.17.1. Affected by this issue is some unknown functionality of the file examples/lambda-function-url/packages/api/models/TodoList.ts of the component API Endpoint. The manipulation of the argument userId leads to...

6.5CVSS6.1AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4234

A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tableHandWrite results in sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4472

A security vulnerability has been detected in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /admin/admineditsupplier.php. The manipulation of the argument SupplierName leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS6.6AI score0.00315EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.2 views

CVE-2026-4168

A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts an unknown function of the file /admin/code/tceeditgroup.php of the component Group Handler. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit is publicly...

4.8CVSS4AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4166

A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is the function sub404F68 of the file /cgi-bin/login.cgi. The manipulation of the argument homepage/hostname results in cross site scripting. The attack can be launched remotely. The exploit has been made public and coul...

5.1CVSS4.1AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4780

A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...

6.5CVSS6.4AI score0.00295EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.6 views

CVE-2026-4591

A weakness has been identified in kalcaddle kodbox 1.64. This affects the function checkBin of the file /workspace/source-code/plugins/fileThumb/app.php of the component fileThumb Endpoint. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit...

5.8CVSS5.5AI score0.02097EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4511

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4597

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4285

A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module-digitalcourse/yudao-module-digitalcourse-biz/src/main/java/cn/iocoder/yudao/module/digitalcourse/util/Pdf2MdUtil.java. Such...

5.1CVSS5.5AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4533

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...

6.5CVSS6.5AI score0.00301EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4470

A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admineditmenu.php. Performing a manipulation of the argument productname results in sql injection. It is possible to initiate the...

9.8CVSS5.7AI score0.00327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4542

A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the argument filePaths leads to path traversal. The attack may be performed from remote. The exploit has...

5.5CVSS5.6AI score0.0031EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4614

A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subjectcode causes sql injection. The attack is possible to be carri...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4506

A vulnerability was found in Mindinventory MindSQL up to 0.2.1. Impacted is the function askdb of the file mindsql/core/mindsqlcore.py. Performing a manipulation results in code injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4173

A flaw has been found in CodePhiliaX Chat2DB up to 0.3.7. This vulnerability affects the function exportTable/exportTableColumnComment/exportView/exportProcedure/exportTriggers/exportTrigger/updateProcedure of the file DMDBManage.java of the component Database Export Handler. This manipulation...

6.5CVSS6.2AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4586

A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects the function Upload of the file chat2db-server/chat2db-server-web/chat2db-server-web-api/src/main/java/ai/chat2db/server/web/api/controller/driver/JdbcDriverController.java of the component JDBC Driver Upload. Performing a...

6.5CVSS6.1AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.2 views

CVE-2026-4568

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /updatesupplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit h...

6.5CVSS6.4AI score0.0031EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.3 views

CVE-2026-4577

A vulnerability was found in code-projects Exam Form Submission 1.0. The affected element is an unknown function of the file /admin/updates4.php. Performing a manipulation of the argument sname results in cross site scripting. The attack may be initiated remotely. The exploit has been made public...

4.8CVSS4.2AI score0.00206EPSS
Exploits0References1
Rows per page
Query Builder