CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

278 matches found

CVE-2026-9446

A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/editcustomer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed t...

5.8CVSS5.7AI score0.00036EPSS

Exploits0References1

RedhatCVE•added 2026/05/26 8:14 p.m.•9 views

CVE-2026-9447

A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS6.9AI score0.00039EPSS

Exploits0References1

NVD•added 2026/05/25 10:16 a.m.•3 views

CVE-2026-9444

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely...

5.8CVSS0.00036EPSS

Exploits0References5

NVD•added 2026/05/25 10:16 a.m.•5 views

CVE-2026-9445

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS0.0004EPSS

Exploits0References5

ATTACKERKB•added 2026/05/25 9:45 a.m.•7 views

CVE-2026-9447

7.5CVSS6.9AI score0.00039EPSS

Exploits0References5Affected Software1

EUVD•added 2026/05/25 9:30 a.m.•10 views

EUVD-2026-31660

5.8CVSS5.7AI score0.00036EPSS

Exploits0References5

Vulnrichment•added 2026/05/25 9:30 a.m.•2 views

CVE-2026-9446 SourceCodester Simple POS and Inventory System edit_customer.php sql injection

5.8CVSS5.7AI score0.00036EPSS

Exploits0References5

CVE•added 2026/05/25 9:0 a.m.•11 views

CVE-2026-9444

SourceCodester Simple POS and Inventory System 1.0 is affected in /admin/deleteproduct.php (GET Parameter Handler). The vulnerability occurs when the ID argument is manipulated, resulting in SQL injection. The issue may be exploited remotely and the exploit is public. No additional technical deta...

5.8CVSS5.7AI score0.00036EPSS

Exploits0References5

Vulnrichment•added 2026/05/25 9:0 a.m.•3 views

CVE-2026-9444 SourceCodester Simple POS and Inventory System GET Parameter deleteproduct.php delete sql injection

5.8CVSS5.7AI score0.00036EPSS

Exploits0References5

Positive Technologies•added 2026/05/25 12:0 a.m.•6 views

PT-2026-43031

A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit customer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed ...

5.8CVSS5.7AI score0.00036EPSS

Exploits0References5

NVD•added 2026/04/02 7:15 a.m.•1 views

CVE-2026-5325

A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create Ticket. This manipulation of the argument Description causes cross site scripting. Remote...

5.1CVSS0.00036EPSS

Exploits0References5

ATTACKERKB•added 2026/04/02 7:0 a.m.•3 views

CVE-2026-5325

5.1CVSS4.5AI score0.00036EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/04/02 12:0 a.m.•1 views

PT-2026-29685

5.1CVSS4.5AI score0.00036EPSS

Exploits0References6

RedhatCVE•added 2026/04/01 5:0 a.m.•0 views

CVE-2026-5179

A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

7.5CVSS7AI score0.00043EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:15 p.m.•2 views

CVE-2026-4573

A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/formhandlers/deletepost.php of the component HTTP GET Parameter Handler. The manipulation of the argument postid leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00042EPSS

Exploits0References1

EUVD•added 2026/03/23 6:30 a.m.•2 views

EUVD-2026-14363

6.5CVSS6.4AI score0.00042EPSS

Exploits0References6

NVD•added 2026/03/23 6:16 a.m.•2 views

CVE-2026-4573

6.5CVSS0.00042EPSS

Exploits0References5

NVD•added 2026/03/23 6:16 a.m.•0 views

CVE-2026-4574

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...

6.5CVSS0.00042EPSS

Exploits0References5

Cvelist•added 2026/03/23 5:1 a.m.•36 views

CVE-2026-4573 SourceCodester Simple E-learning System HTTP GET Parameter delete_post.php sql injection

6.5CVSS0.00042EPSS

Exploits0References5

RedhatCVE•added 2026/02/26 4:16 a.m.•2 views

CVE-2026-3148

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

9.8CVSS5.4AI score0.00039EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by