Lucene search
K

174 matches found

CVE
CVE
added 8 hours ago4 views

CVE-2026-14687

Affected software: 666ghj BettaFish (≤1.2.1). Vulnerable component: InsightEngine search-result Deduplication, specifically function _deduplicate_results in InsightEngine/agent.py. Root cause: manipulation can cause partial string comparison. Impact: remote exploitation possible. Publicly disclos...

6.9CVSS5.8AI score
Exploits0References7
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-41709

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS5.8AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/02 11:30 p.m.6 views

CVE-2026-10691

A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...

5.3CVSS5.4AI score0.00354EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2026/05/27 8:16 a.m.12 views

CVE-2026-3001

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

6.1CVSS0.00204EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 7:45 a.m.14 views

CVE-2026-3001 Gutenverse <= 3.4.6 - Reflected Cross-Site Scripting via 's' Parameter

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

6.1CVSS6AI score0.00204EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/27 2:26 p.m.3 views

CVE-2021-27124

SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...

6.5CVSS6.7AI score0.05721EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/08 3:30 p.m.5 views

EUVD-2026-10239

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

7.5CVSS6.9AI score0.00345EPSS
Exploits1References6
OSV
OSV
added 2026/03/08 1:16 p.m.2 views

CVE-2026-3735

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...

9.8CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2026/03/08 1:16 p.m.6 views

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

9.8CVSS5.7AI score0.00345EPSS
Exploits1References5
NVD
NVD
added 2026/03/08 1:16 p.m.9 views

CVE-2026-3736

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

9.8CVSS0.00345EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/08 1:2 p.m.36 views

CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

7.5CVSS0.00345EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/08 1:2 p.m.3 views

CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...

7.5CVSS5.7AI score0.00345EPSS
Exploits1References5
CVE
CVE
added 2026/03/08 1:2 p.m.12 views

CVE-2026-3735

CVE-2026-3735 affects the code-projects Simple Flight Ticket Booking System 1.0 . The vulnerability is in the file SearchResultOneway.php , caused by manipulation of the from argument that leads to an SQL injection. The attack can be launched remotely and the exploit has been publicly disclosed. ...

9.8CVSS6.9AI score0.00345EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/08 1:2 p.m.3 views

CVE-2026-3735 code-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...

7.5CVSS5.8AI score0.00345EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/08 1:2 p.m.36 views

CVE-2026-3735 code-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...

7.5CVSS0.00345EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.5 views

Code-Projects Simple Flight Ticket Booking System SQL注入漏洞

Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability stems from the handling of the 'from' parameter in the...

9.8CVSS7.2AI score0.00345EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.6 views

Code-Projects Simple Flight Ticket Booking System SQL注入漏洞

Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability stems from the handling of the 'from' parameter in the...

9.8CVSS7.2AI score0.00345EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/08 12:0 a.m.10 views

PT-2026-23940

Name of the Vulnerable Software and Affected Versions Simple Flight Ticket Booking System version 1.0 Description A SQL injection issue exists in Simple Flight Ticket Booking System version 1.0. The issue is located in the SearchResultOneway.php file and involves manipulation of the from argument...

9.8CVSS7AI score0.00345EPSS
Exploits1References13
OSV
OSV
added 2026/02/12 11:27 p.m.7 views

MAL-2026-874 Malicious code in google-search-result (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7ada4db6050e81933dbf7a82d659e0793c79b0b8f771b3175b5ef4668563238a Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:19 p.m.7 views

CVE-2018-10052

iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter...

4.8CVSS5.9AI score0.00559EPSS
Exploits1References1
Rows per page
Query Builder