Lucene search
+L

765 matches found

Cvelist
Cvelist
added yesterday33 views

CVE-2026-15909 RafyMrX TOKO-ONLINE-ROTI add.php authorization

A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kdcs leads to authorization bypass. The attack is possible to be carried out remotely. This produ...

6.5CVSS0.00211EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday6 views

CVE-2026-15909

A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kdcs leads to authorization bypass. The attack is possible to be carried out remotely. This produ...

6.5CVSS6.3AI score0.00211EPSS
Exploits0References5
EUVD
EUVD
added yesterday7 views

EUVD-2026-44839

A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kdcs leads to authorization bypass. The attack is possible to be carried out remotely. This produ...

6.5CVSS6.3AI score0.00211EPSS
Exploits0References4
CVE
CVE
added 3 days ago10 views

CVE-2026-15752

CVE-2026-15752 affects the backend user endpoint of zhinianboke xianyu-auto-reply, specifically an issue in an unknown function under the file path /api/v1/users/ that permits remote manipulation leading to missing authorization. The vulnerability is linked to a rolling-release project with no pu...

7.5CVSS6.5AI score0.00297EPSS
Exploits0References7
NVD
NVD
added 4 days ago5 views

CVE-2026-15535

A vulnerability was determined in AkariAsai self-rag up to 1fcdc420e48f50a7d7ab1ece5494221b93252e99. Affected by this issue is the function Indexer.deserializefrom of the file retrievallm/src/index.py of the component retrievallm. Executing a manipulation of the argument indexmeta.faiss can lead ...

6.5CVSS0.00247EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-43277

A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file runnerf.py of the component Checkpoint File Handler. The manipulation of the argument ckptpath leads to deserialization. The...

5.3CVSS5.6AI score0.00121EPSS
Exploits0References7
NVD
NVD
added 5 days ago8 views

CVE-2026-15498

A vulnerability was identified in sergomanov SmartHomeAdatum up to cf495353d81b680675eb8d9aa14a318aa45ce12c. This impacts an unknown function of the file users.php of the component Login. Such manipulation of the argument Login leads to sql injection. The attack may be launched remotely. This...

7.5CVSS0.00254EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-43220

A vulnerability was identified in sergomanov SmartHomeAdatum up to cf495353d81b680675eb8d9aa14a318aa45ce12c. This impacts an unknown function of the file users.php of the component Login. Such manipulation of the argument Login leads to sql injection. The attack may be launched remotely. This...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-15498 sergomanov SmartHomeAdatum Login users.php sql injection

A vulnerability was identified in sergomanov SmartHomeAdatum up to cf495353d81b680675eb8d9aa14a318aa45ce12c. This impacts an unknown function of the file users.php of the component Login. Such manipulation of the argument Login leads to sql injection. The attack may be launched remotely. This...

7.5CVSS0.00254EPSS
Exploits0References4
NVD
NVD
added 5 days ago6 views

CVE-2026-15492

A security vulnerability has been detected in igweze wizgrade up to b1d55f22b90cd7e7a6e5002f006d7c649e8086d6. This vulnerability affects unknown code of the file dashboard/studentConductManager.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The...

5.3CVSS0.00422EPSS
Exploits0References5
NVD
NVD
added 5 days ago8 views

CVE-2026-15490

A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kodeproduk/kdcs results in sql injection. The attack can be executed...

7.5CVSS0.00393EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43214

A security vulnerability has been detected in igweze wizgrade up to b1d55f22b90cd7e7a6e5002f006d7c649e8086d6. This vulnerability affects unknown code of the file dashboard/studentConductManager.php. Such manipulation leads to cross site scripting. The attack may be performed from remote. The...

5.3CVSS4.6AI score0.00422EPSS
Exploits0References5
CVE
CVE
added 5 days ago14 views

CVE-2026-15491

The CVE-2026-15491 entry concerns RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99). The weakness is missing authentication in an unspecified part of the system. It can be exploited remotely over a network, with a low attack complexity and no required privileges. Th...

7.5CVSS6.7AI score0.00627EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-43212

A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kodeproduk/kdcs results in sql injection. The attack can be executed...

7.5CVSS6.7AI score0.00393EPSS
Exploits0References4
CVE
CVE
added 5 days ago15 views

CVE-2026-15489

The CVE-2026-15489 entry describes a SQL injection in RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99) via an input in the file proses/login.php where the Username argument is manipulated. The vulnerability is exploitable remotely, with a publicly available exploit...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-43211

A vulnerability was identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this vulnerability is an unknown functionality of the file proses/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack i...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References4
NVD
NVD
added 2026/07/09 4:16 p.m.7 views

CVE-2026-15188

A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the...

6.5CVSS0.00209EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/09 3:15 p.m.7 views

EUVD-2026-42606

A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 8:16 a.m.9 views

CVE-2026-14800

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS0.00159EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/06 6:0 a.m.5 views

EUVD-2026-41813

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS5.5AI score0.00159EPSS
Exploits0References6
Rows per page
Query Builder