Lucene search
K

6392 matches found

NVD
NVD
added 2026/06/29 9:16 a.m.10 views

CVE-2026-13550

A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been mad...

7.5CVSS0.00263EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 9:15 a.m.5 views

EUVD-2026-40065

A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/modamenities/controller.php?action=add of the component POST Request Handler. The manipulation of the argument Name leads to cross site...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 9:15 a.m.15 views

CVE-2026-13554

CVE-2026-13554 affects itsourcecode Online Hotel Management System 1.0. Affected component: POST Request Handler at /admin/mod_amenities/controller.php?action=add. The vulnerability arises from manipulation of the Name argument, resulting in a cross-site scripting (XSS) condition. The description...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 8:45 a.m.15 views

CVE-2026-13552

The CVE-2026-13552 entry concerns itsourcecode Online Hotel Management System 1.0. A SQL injection vulnerability exists in the file /admin/mod_amenities/controller.php?action=edit triggered by manipulating the amen_id argument. This vulnerability can be exploited remotely, and public exploitation...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 4:45 a.m.10 views

EUVD-2026-40033

A vulnerability has been found in GotoHTTP up to 10.2. This issue affects some unknown processing of the file /reg.12x. The manipulation of the argument sn leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor...

5.3CVSS4.2AI score0.00284EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 4:16 a.m.7 views

CVE-2026-13531

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public a...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 4:16 a.m.8 views

CVE-2026-13530

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotel...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 12:31 a.m.10 views

EUVD-2026-40013

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS8AI score0.00466EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/29 12:31 a.m.9 views

EUVD-2026-40012

A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclos...

9CVSS8AI score0.00476EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 12:16 a.m.11 views

CVE-2026-13516

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS0.00466EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53243

Name of the Vulnerable Software and Affected Versions itsourcecode Online Hotel Management System version 1.0 Description A remote cross site scripting issue exists in the POST Request Handler component. The flaw occurs when the Name argument is manipulated within the '/admin/mod...

5.3CVSS5.4AI score0.00443EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/06/28 12:30 p.m.33 views

CVE-2026-13496 itsourcecode Hospital Management System ajaxmedicine.php sql injection

A vulnerability was found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /ajaxmedicine.php. The manipulation of the argument medicineid results in sql injection. It is possible to launch the attack remotely. The exploit has been made public...

6.5CVSS0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/28 10:30 a.m.10 views

CVE-2026-13488

A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file /preview7.php. The manipulation of the argument courseyearsection results in sql injection. The attack may be launched remotely...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/28 10:15 a.m.36 views

CVE-2026-13487 SourceCodester Class and Exam Timetabling System archive.php sql injection

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive.php. The manipulation of the argument sy leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used...

7.5CVSS0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.8 views

PT-2026-53166

Name of the Vulnerable Software and Affected Versions SimStudioAI sim versions prior to 0.6.93 Description An issue exists in the Password Protection Handler component within the apps/sim/lib/core/security/deployment.ts library. A remote attacker can perform a manipulation that results in the use...

6.3CVSS5.7AI score0.00216EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : libarchive (EulerOS-SA-2026-2445)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in dcmtk

A vulnerability was detected in OFFIS DCMTK up to version 3.6.9. The issue affects the function DcmByteString::makeDicomByteString in the file dcmdata/libsrc/dcbytstr.cc of the dcmdata component. This manipulation can lead to memory corruption. The attack can be launched remotely. Upgrading to...

6.5CVSS6.3AI score0.00233EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

RHEL 7 : webkitgtk4 (RHSA-2026:27728)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27728 advisory. WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. Security...

8.8CVSS6.8AI score0.00693EPSS
Exploits0References34
EUVD
EUVD
added 2026/06/21 9:0 a.m.7 views

EUVD-2026-38155

A vulnerability was identified in BerriAI litellm up to 1.82.2. This impacts the function getredirectresponsefromopenid of the file litellm/proxy/managementendpoints/uisso.py of the component SSO Authentication Flow. The manipulation leads to session expiration. The attack is possible to be carri...

6.5CVSS6.2AI score0.00358EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/21 1:0 a.m.35 views

CVE-2026-12771 BerriAI litellm M2M JWT user_api_key_auth.py improper authorization

A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/userapikeyauth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is...

5CVSS0.00288EPSS
Exploits1References5
Rows per page
Query Builder