Lucene search
K

1306 matches found

EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41754

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcpwiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side...

6.5CVSS5.5AI score0.00231EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-55797

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote SQL injection is possible due to improper manipulation of the field name argument within the Notes controller::search scratch data function locate...

6.5CVSS6.7AI score0.00204EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-55798

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote cross-site scripting issue exists due to improper manipulation of the argument reference within the add definition function located in the...

5.1CVSS5.7AI score0.00203EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-55793

Name of the Vulnerable Software and Affected Versions AIAnytime Awesome-MCP-Server versions up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab Description A flaw in the mcp-wiki/wiki-summary component, specifically within the mcp-wiki/src/mcp wiki/server.py file, allows for server-side request forger...

6.5CVSS6.6AI score0.00231EPSS
Exploits0References11
NVD
NVD
added 4 days ago6 views

CVE-2026-14633

A vulnerability was determined in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 49b20f53de2b7ec34e920b11c863f1491d911a04. This affects an unknown part of the file /index.php/api/product/set of the component Hidden REST API Endpoint. This manipulation of the argument title/description causes...

5.3CVSS0.00288EPSS
Exploits0References7
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41680

A vulnerability was identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 213babdbaa949e94557246414db0130e01394517. This vulnerability affects the function checkForPostRequests of the file application/core/MYController.php of the component Subscribed Emails Admin Page. Such manipulation...

5.3CVSS4.1AI score0.00288EPSS
Exploits0References7
NVD
NVD
added 4 days ago5 views

CVE-2026-14622

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS0.00517EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago39 views

CVE-2026-14622 jairiidriss restaurant-website-php-mysql AJAX Endpoint ajax_files missing authentication

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS0.00517EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41661

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-55689

Name of the Vulnerable Software and Affected Versions jairiidriss restaurant-website-php-mysql versions up to 521428b5b612449df0cf4a5d15ee40cba67f3d35 Description A missing authentication flaw exists in the AJAX Endpoint component. A remote attacker can manipulate the '/admin/ajax files' endpoint...

7.5CVSS7.1AI score0.00517EPSS
Exploits0References9
CVE
CVE
added 2026/06/29 5:15 p.m.10 views

CVE-2026-13592

The CVE-2026-13592 issue affects liftoff-sr CIPster (up to commit e8e9dba09bf56962807d3504b783ccdb6287f3e4). The vulnerability is in BufWriter::append within the EtherNet IP Message Handler, where manipulation can cause an out-of-bounds write. It allows remote exploitation, and public exploits ar...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
NVD
NVD
added 2026/06/28 2:16 p.m.10 views

CVE-2026-13499

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS0.00278EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/28 1:15 p.m.8 views

EUVD-2026-39997

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS4.4AI score0.00278EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 1:15 p.m.26 views

CVE-2026-13499 yashpokharna2555 restaurent-management-system Registration login_register.php cross site scripting

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS0.00278EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 1:15 p.m.15 views

CVE-2026-13499

CVE-2026-13499 concerns a cross-site scripting flaw in the yashpokharna2555 restaurent-management-system, affecting the Registration Handler’s login_register.php. Manipulating the Username argument enables an XSS condition, with remote initiation possible. The exploit has been publicly released; ...

5.3CVSS4.4AI score0.00278EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 3:16 p.m.10 views

CVE-2026-49319

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

6.9CVSS0.0024EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 2:11 p.m.37 views

CVE-2026-49319 Alps Electric Co., Ltd. R53R0 Remote Keyless Entry System (RKES) Replay Attack

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

6.9CVSS0.0024EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/25 2:11 p.m.8 views

CVE-2026-49319 Alps Electric Co., Ltd. R53R0 Remote Keyless Entry System (RKES) Replay Attack

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

6.9CVSS5.9AI score0.0024EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 2:11 p.m.7 views

EUVD-2026-39417

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

6.9CVSS5.9AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.26 views

PT-2026-52445

Name of the Vulnerable Software and Affected Versions Remote Keyless Entry System RKES using 433 MHz key fob FCC ID CWTR53R0 affected versions not specified Description The system is susceptible to a roll-back attack targeting its rolling-code authentication. An attacker within radio frequency...

6.9CVSS5.8AI score0.0024EPSS
Exploits0References5
Rows per page
Query Builder