Lucene search
+L

6440 matches found

CVE
CVE
added 4 hours ago6 views

CVE-2026-16202

SourceCodester Class and Exam Timetabling System 1.0 is affected by a cross-site scripting vulnerability in the /CYS.php file, triggered by manipulating the course parameter. The issue allows remote exploitation and has publicly disclosed exploits according to the linked reports. The precise vuln...

5.1CVSS3.6AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 6 hours ago3 views

PT-2026-61048

A vulnerability was identified in geex-arts django-jet up to 1.0.8. This affects an unknown function of the file jet/dashboard/views.py of the component Dashboard Module. Such manipulation leads to authorization bypass. The attack can be executed remotely. The exploit is publicly available and...

6.5CVSS6.2AI score
Exploits0References7
NVD
NVD
added yesterday5 views

CVE-2026-16150

A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled...

6.5CVSS
Exploits0References6
Cvelist
Cvelist
added yesterday12 views

CVE-2026-16119 nextlevelbuilder GoClaw WebSocket Approval Endpoint exec_approval.go RequestApproval authorization

A vulnerability was found in nextlevelbuilder GoClaw up to 3.13.2. This affects the function RequestApproval of the file internal/tools/execapproval.go of the component WebSocket Approval Endpoint. Performing a manipulation results in incorrect authorization. The attack is possible to be carried...

6.5CVSS
Exploits0References7
Nuclei
Nuclei
added yesterday62 views

Dzzoffice 2.02.1 - Cross-Site Scripting

Dzzoffice 2.02.1SCUTF8 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter. id: CVE-2021-30203 info: name: Dzzoffice 2.02.1 - Cross-Site Scripting author: arafatansari severity: high description: | Dzzoffice...

6.1CVSS6AI score0.00596EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-60933

A vulnerability has been found in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. This affects the function sub 40BB50 of the file /proc/webmon recent domains. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This project is superseded by...

9CVSS5.9AI score
Exploits0References6
CVE
CVE
added 2 days ago11 views

CVE-2026-16014

The CVE-2026-16014 entry concerns code-projects Hospital Bed Management System 1.0. It identifies a vulnerability in an unspecified part of the Login Form, where manipulating the Username argument triggers a SQL injection. The vulnerability enables remote exploitation, and public exploits exist. ...

7.5CVSS7.1AI score0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-16008 sagold json-schema-library propertyDependencies.ts parsePropertyDependencies prototype pollution

A security vulnerability has been detected in sagold json-schema-library 11.5.0/11.5.1. This impacts the function parsePropertyDependencies of the file src/keywords/propertyDependencies.ts. The manipulation leads to improperly controlled modification of object prototype attributes. The attack can...

6.5CVSS0.00262EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-16008

A security vulnerability has been detected in sagold json-schema-library 11.5.0/11.5.1. This impacts the function parsePropertyDependencies of the file src/keywords/propertyDependencies.ts. The manipulation leads to improperly controlled modification of object prototype attributes. The attack can...

6.5CVSS5AI score0.00262EPSS
Exploits0References9Affected Software1
Nuclei
Nuclei
added 3 days ago187 views

SAP Solution Manager 7.2 - Remote Command Execution

SAP Solution Manager SolMan running version 7.2 has a remote command execution vulnerability within the SAP EEM servlet tcsmdagentapplicationeem. The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information...

10CVSS7.3AI score0.98266EPSS
Exploits7References7
Nuclei
Nuclei
added 3 days ago27 views

Grandstream UCM6200 - SQL Injection

Grandstream UCM6200 series contains an unauthenticated remote SQL injection caused by crafted HTTP requests, letting attackers execute shell commands as root on versions before 1.0.19.20 or inject HTML in emails before 1.0.20.17. id: CVE-2020-5722 info: name: Grandstream UCM6200 - SQL Injection...

10CVSS7.1AI score0.83926EPSS
Exploits8References2
Cvelist
Cvelist
added 5 days ago42 views

CVE-2026-15753 zhinianboke xianyu-auto-reply review approve trusting http permission methods on the server side

A vulnerability was determined in zhinianboke xianyu-auto-reply on Server. Affected by this vulnerability is an unknown functionality of the file /api/v1/payment/withdraw/review?action=approve. Executing a manipulation can lead to trusting http permission methods on the server side. The attack ma...

5.5CVSS0.00261EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 5 days ago11 views

Remote Desktop Client Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network...

9.8CVSS6.2AI score0.00767EPSS
Exploits0
NVD
NVD
added 5 days ago7 views

CVE-2026-15672

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /intrams/admin/addjudges.php. This manipulation of the argument fname causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 6 days ago8 views

CVE-2026-15598

The CVE affects antv layout 2.0.0, specifically the setNestedValue function in lib/util/object.js. A manipulation of the argument path can lead to prototype pollution, allowing remote modification of object prototype attributes. The advisory notes the attack can be launched remotely, with low att...

6.5CVSS6.5AI score0.00313EPSS
Exploits0References5
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-43294

A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...

6.5CVSS6.4AI score0.00256EPSS
Exploits0References8
NVD
NVD
added 6 days ago6 views

CVE-2026-15538

A weakness has been identified in primefaces primereact up to 10.9.8. This issue affects the function ObjectUtils.mutateFieldData of the component API. This manipulation of the argument Field causes improperly controlled modification of object prototype attributes. The attack is possible to be...

6.5CVSS0.00256EPSS
Exploits0References7
NVD
NVD
added 6 days ago10 views

CVE-2026-15553

Enterprise Cloud Database developed by Ragic has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload malicious files and make them available for users to download...

6.9CVSS0.00251EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-43262

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS5.4AI score0.00238EPSS
Exploits0References5
EUVD
EUVD
added 6 days ago12 views

EUVD-2026-43250

A vulnerability has been found in Leantime up to 3.8.0. This impacts the function editUser/addUser of the component JSON-RPC Endpoint. The manipulation of the argument role leads to improper authorization. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

6.5CVSS6.2AI score0.00333EPSS
Exploits0References6
Rows per page
Query Builder