Lucene search
K

1654 matches found

Nuclei
Nuclei
added 15 hours ago56 views

Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion

Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /...." substring. id: CVE-2022-26233 info: name: Barco Control Room Management Suite =2.9...

7.5CVSS7AI score0.15028EPSS
Exploits3References5
NVD
NVD
added 2 days ago6 views

CVE-2026-59516

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Reflected XSS.This issue affects ICS Calendar: from n/a through = 12.1.1...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-59516

This CVE concerns the WordPress ICS Calendar plugin (ics-calendar) with versions up to 12.1.1. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw caused by improper neutralization of input during web page generation. Affected component: ICS Calendar plugin’s input handling on the we...

7.1CVSS6.1AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added last week36 views

CVE-2026-59723 Cline: Cross-Origin WebSocket Hijacking in Cline Hub Dashboard (`/browser` endpoint)

Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. Prior to 3.0.30, the Cline Hub dashboard server launched by the cline dashboard command accepts WebSocket connections on the /browser endpoint without validating the Origin header, and when ROOMSECRET is unset for loc...

8.8CVSS0.00145EPSS
Exploits0References4
CVE
CVE
added last week14 views

CVE-2026-59723

The CVE-2026-59723 vulnerability affects the Cline Hub dashboard (the /browser WebSocket endpoint). Before version 3.0.30, the dashboard server did not validate the Origin header for WebSocket connections, and when ROOM_SECRET is unset on local 127.0.0.1, isAuthorizedBrowserRequest() could be abu...

8.8CVSS6.1AI score0.00145EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.13 views

PT-2026-56625

Name of the Vulnerable Software and Affected Versions Cline versions prior to 3.0.30 Description The Cline Hub dashboard server, initiated via the cline dashboard command, fails to validate the Origin header for WebSocket connections on the /browser endpoint. When the ROOM SECRET is unset for loc...

8.8CVSS6.2AI score0.00145EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.22 views

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50372)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50372 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Rajat Gupta CVE-2026-46331 - eventpoll: fix epremove struct eventpoll / struc...

9.8CVSS7AI score0.96267EPSS
Exploits333References820
NVD
NVD
added 2026/07/05 9:16 p.m.7 views

CVE-2026-14770

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS0.00269EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 9:0 p.m.7 views

CVE-2026-14770

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/07/05 9:0 p.m.26 views

CVE-2026-14770 SourceCodester Class and Exam Timetabling System edit_room.php sql injection

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 9:0 p.m.16 views

CVE-2026-14770

The CVE-2026-14770 entry affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is an SQL injection in the /edit_room.php script caused by manipulating the ID parameter, allowing remote initiation of an attack. This is supported by multiple connected sources that describe...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 9:0 p.m.8 views

EUVD-2026-41780

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 4:19 p.m.10 views

CVE-2026-14762

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS0.00269EPSS
Exploits1References6
EUVD
EUVD
added 2026/07/05 4:0 p.m.12 views

EUVD-2026-41772

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score0.00269EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 4:0 p.m.9 views

CVE-2026-14762

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score0.00269EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2026/07/05 2:16 p.m.7 views

CVE-2026-14754

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/addroom.php. Executing a manipulation of the argument deleteimage/edit/description/number/price/rooms/type can lead to sql injection. The attack can be launched remotely. T...

7.5CVSS0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 2:0 p.m.26 views

CVE-2026-14754 code-projects Hotel and Tourism Reservation add_room.php sql injection

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/addroom.php. Executing a manipulation of the argument deleteimage/edit/description/number/price/rooms/type can lead to sql injection. The attack can be launched remotely. T...

7.5CVSS0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/05 2:0 p.m.9 views

EUVD-2026-41760

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/addroom.php. Executing a manipulation of the argument deleteimage/edit/description/number/price/rooms/type can lead to sql injection. The attack can be launched remotely. T...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/07/05 2:0 p.m.18 views

CVE-2026-14754

The CVE covers code-projects Hotel and Tourism Reservation 1.0, where the /admin/add_room.php function is vulnerable. Manipulating the arguments delete_image, edit/description, number, price, rooms, or type can trigger an SQL injection. The attack can be launched remotely, and a public exploit ha...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.13 views

PT-2026-55812

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description An issue exists in the Room Management Page component within the file /admin/rooms.php. A remote attacker can perform a SQL injection—a technique used to manipulate a database...

7.5CVSS7.2AI score0.00269EPSS
Exploits1References9
Rows per page
Query Builder