Lucene search
K

2332 matches found

CVE
CVE
added 2026/07/05 8:45 a.m.14 views

CVE-2026-14732

The CVE concerns SourceCodester Class and Exam Timetabling System 1.0, where manipulating the ID parameter in /edit_exam.php enables SQL injection. The issue is exploitable remotely, with publicly disclosed exploit. CVSS metrics indicate network access, low attack complexity, no privileges requir...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 1:0 a.m.17 views

CVE-2026-14688

CVE-2026-14688 affects itsourcecode Online Hotel Management System 1.0. The vulnerability is SQL injection in an unknown function of /admin/login.php triggered by manipulating the email parameter. Exploitation can be remote and publicly available proofs-of-concept exist. Impact metrics indicate l...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55796

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote SQL injection occurs due to the improper handling of the Password argument within the Notes controller::accessing dictionary authorization functio...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References12
NVD
NVD
added 2026/07/04 8:16 p.m.9 views

CVE-2026-14648

A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...

7.5CVSS0.00347EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.13 views

PT-2026-55725

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description Remote SQL injection is possible due to improper handling of the ID argument within the /edit class2.php endpoint. SQL injection is a technique where an attacker inserts...

7.5CVSS7.2AI score0.00412EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.17 views

PT-2026-55724

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit course.php endpoint where manipulation of the ID variable allows for remote SQL injection. SQL injection is a technique where malicious SQL...

7.5CVSS7.1AI score0.00416EPSS
Exploits0References11
OSV
OSV
added 2026/07/02 2:13 p.m.4 views

PYSEC-2026-766 Zope XSS Vulnerability

Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform...

6.1CVSS6.1AI score0.01351EPSS
Exploits0References13
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40832

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.13 views

EUVD-2026-40665

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00171EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14001

Inappropriate implementation in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS0.00171EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14145

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

0.00154EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 2:45 p.m.35 views

CVE-2026-13579 itsourcecode Hospital Management System patientchangepassword.php sql injection

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 10:30 a.m.34 views

CVE-2026-13559 code-projects Real State Services single-list_sale.php add sql injection

A weakness has been identified in code-projects Real State Services 1.0. Impacted is an unknown function of the file /single-listsale.php?action=add. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 9:16 a.m.12 views

CVE-2026-13551

A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 6:15 a.m.7 views

EUVD-2026-40042

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /doctorprofile.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS5.7AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 12:45 a.m.6 views

EUVD-2026-40017

A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection. The attack is possible to be carried out remotel...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.16 views

PT-2026-53200

Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description An issue exists in the Appointment Handler component within the /appointmentdetail.php endpoint. Remote manipulation of the editid argument allows for SQL injection, a technique...

6.5CVSS6.6AI score0.002EPSS
Exploits0References10
NVD
NVD
added 2026/06/23 4:17 p.m.11 views

CVE-2026-56696

OpenHarness /issue and /prcomments slash commands lack remoteinvocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted remote attackers can inject malicious content into .openharness/issue.md and .openharness/prcomments....

5.4CVSS0.00216EPSS
Exploits0References3
CVE
CVE
added 2026/06/21 8:45 p.m.14 views

CVE-2026-12808

The CVE-2026-12808 entry concerns Edimax BR-6478AC V2 (firmware 1.23) with an issue in the POST Request Handler’s /goform/stainfo function, specifically the stainfo interface argument manipulation that enables command injection. The vulnerability is exploitable remotely, with public disclosure of...

6.5CVSS6.4AI score0.01182EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 7:45 p.m.22 views

CVE-2026-12807 Edimax BR-6478AC V2 POST Request setWAN command injection

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack...

6.5CVSS0.01182EPSS
Exploits0References5
Rows per page
Query Builder