CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

116 matches found

RedhatCVE•added 2026/06/09 2:59 p.m.•7 views

CVE-2026-11520

A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...

5.1CVSS3.9AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2026/06/09 2:59 p.m.•8 views

CVE-2026-11518

A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...

5.3CVSS3.8AI score0.00388EPSS

Exploits0References1

NVD•added 2026/06/08 3:16 p.m.•12 views

CVE-2026-11519

A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ProductInventory/api/usershandler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in improper...

6.5CVSS0.00261EPSS

Exploits0References5

NVD•added 2026/06/08 3:16 p.m.•9 views

CVE-2026-11520

5.1CVSS0.00248EPSS

Exploits0References5

Cvelist•added 2026/06/08 2:0 p.m.•38 views

CVE-2026-11520 SourceCodester Inventory System header.php cross site scripting

5.1CVSS0.00248EPSS

Exploits0References5

CVE•added 2026/06/08 2:0 p.m.•17 views

CVE-2026-11520

Summary: CVE-2026-11520 affects SourceCodester Inventory System 1.0, with the vulnerability in the header.php file enabling cross-site scripting. The issue can be triggered remotely and multiple parameters may be affected. Public exploit material exists. The connected records confirm the vulnerab...

5.1CVSS3.9AI score0.00248EPSS

Exploits0References5

ATTACKERKB•added 2026/06/08 2:0 p.m.•6 views

CVE-2026-11520

5.1CVSS3.9AI score0.00248EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/08 2:0 p.m.•9 views

EUVD-2026-35070

5.1CVSS3.9AI score0.00248EPSS

Exploits0References5

Cvelist•added 2026/06/08 1:45 p.m.•37 views

CVE-2026-11519 SourceCodester Inventory System Account Creation users_handler.php improper authorization

6.5CVSS0.00261EPSS

Exploits0References5

ATTACKERKB•added 2026/06/08 1:45 p.m.•4 views

CVE-2026-11519

6.5CVSS6.1AI score0.00261EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/08 1:45 p.m.•8 views

EUVD-2026-35069

6.5CVSS6.1AI score0.00261EPSS

Exploits0References5

Vulnrichment•added 2026/06/08 1:45 p.m.•7 views

CVE-2026-11519 SourceCodester Inventory System Account Creation users_handler.php improper authorization

6.5CVSS5AI score0.00261EPSS

Exploits0References5

EUVD•added 2026/06/08 1:30 p.m.•9 views

EUVD-2026-35068

5.3CVSS3.7AI score0.00388EPSS

Exploits0References6

Vulnrichment•added 2026/06/08 1:30 p.m.•8 views

CVE-2026-11518 SourceCodester Inventory System User Management users.php cross site scripting

5.3CVSS3.8AI score0.00388EPSS

Exploits0References6

CVE•added 2026/06/08 1:30 p.m.•20 views

CVE-2026-11518

SourceCodester Inventory System 1.0 is affected by a cross-site scripting vulnerability in the User Management page (file /users.php). The issue arises from manipulation of the fullname/username arguments, enabling remote, user-initiated XSS. Public exploit is referenced. The available documents ...

5.3CVSS3.7AI score0.00388EPSS

Exploits0References6

Positive Technologies•added 2026/06/08 12:0 a.m.•11 views

PT-2026-47294

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description A weakness in the header.php file allows for remote cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites. This issue involves unknown...

5.1CVSS5.1AI score0.00248EPSS

Exploits0References8

CNNVD•added 2026/06/08 12:0 a.m.•5 views

SourceCodester Inventory System 跨站脚本漏洞

The SourceCodester Inventory System is an open-source inventory system developed by SourceCodester. Version 1.0 of the SourceCodester Inventory System has a cross-site scripting vulnerability. This vulnerability stems from operations in the file header.php, which may lead to cross-site scripting...

5.1CVSS4.5AI score0.00248EPSS

Exploits0References2

Positive Technologies•added 2026/06/08 12:0 a.m.•9 views

PT-2026-47293

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description An improper authorization issue exists in the Account Creation Handler component within the file '/Product Inventory/api/users handler.php'. A remote attacker can manipulate the ROLE...

6.5CVSS6.6AI score0.00261EPSS

Exploits0References8

Positive Technologies•added 2026/06/08 12:0 a.m.•12 views

PT-2026-47292

Name of the Vulnerable Software and Affected Versions SourceCodester Inventory System version 1.0 Description Cross site scripting can be triggered remotely via the User Management Page component in the file '/users.php'. The issue occurs through the manipulation of the fullname or username...

5.3CVSS5.2AI score0.00388EPSS

Exploits0References8

RedhatCVE•added 2026/03/28 4:56 a.m.•2 views

CVE-2026-30567

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the viewproduct.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS6AI score0.00271EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by