174 matches found
CVE-2026-14687
Affected software: 666ghj BettaFish (≤1.2.1). Vulnerable component: InsightEngine search-result Deduplication, specifically function _deduplicate_results in InsightEngine/agent.py. Root cause: manipulation can cause partial string comparison. Impact: remote exploitation possible. Publicly disclos...
EUVD-2026-41709
A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...
CVE-2026-10691
A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...
CVE-2026-3001
The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...
CVE-2026-3001 Gutenverse <= 3.4.6 - Reflected Cross-Site Scripting via 's' Parameter
The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...
CVE-2021-27124
SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...
EUVD-2026-10239
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...
CVE-2026-3735
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...
CVE-2026-3736
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...
CVE-2026-3736
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...
CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...
CVE-2026-3736 code-projects Simple Flight Ticket Booking System SearchResultRoundtrip.php sql injection
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploi...
CVE-2026-3735
CVE-2026-3735 affects the code-projects Simple Flight Ticket Booking System 1.0 . The vulnerability is in the file SearchResultOneway.php , caused by manipulation of the from argument that leads to an SQL injection. The attack can be launched remotely and the exploit has been publicly disclosed. ...
CVE-2026-3735 code-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injection
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...
CVE-2026-3735 code-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injection
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...
Code-Projects Simple Flight Ticket Booking System SQL注入漏洞
Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability stems from the handling of the 'from' parameter in the...
Code-Projects Simple Flight Ticket Booking System SQL注入漏洞
Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability stems from the handling of the 'from' parameter in the...
PT-2026-23940
Name of the Vulnerable Software and Affected Versions Simple Flight Ticket Booking System version 1.0 Description A SQL injection issue exists in Simple Flight Ticket Booking System version 1.0. The issue is located in the SearchResultOneway.php file and involves manipulation of the from argument...
MAL-2026-874 Malicious code in google-search-result (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ada4db6050e81933dbf7a82d659e0793c79b0b8f771b3175b5ef4668563238a Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
CVE-2018-10052
iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter...