CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15894 matches found

CVE-2026-10693 SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization

A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit...

6.5CVSS0.00043EPSS

Exploits0References6

EUVD•added 2 days ago•7 views

EUVD-2026-34058

6.5CVSS6.2AI score0.00043EPSS

Exploits0References6

Positive Technologies•added 2 days ago•10 views

PT-2026-45898

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin class novo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack...

7.5CVSS5.7AI score0.00033EPSS

Exploits0References7

Positive Technologies•added 2 days ago•10 views

PT-2026-45890

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used...

7.5CVSS6.9AI score0.00046EPSS

Exploits0References7

Positive Technologies•added 2 days ago•10 views

PT-2026-45889

6.5CVSS6.2AI score0.00043EPSS

Exploits0References7

NVD•added 3 days ago•6 views

CVE-2026-10624

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS0.00034EPSS

Exploits0References6

CVE•added 3 days ago•12 views

CVE-2026-10624

The vulnerability affects SourceCodester Human Resource Management 1.0, in the Employee View Page’s detailview.php. Manipulating the employeeid parameter leads to improper control of resource identifiers (an IDOR-style issue). Exploitation can be performed remotely, and public disclosure of the e...

5.3CVSS5.3AI score0.00034EPSS

Exploits0References6

Cvelist•added 3 days ago•25 views

CVE-2026-10624 SourceCodester Human Resource Management Employee View detailview.php resource injection

5.3CVSS0.00034EPSS

Exploits0References6

ATTACKERKB•added 3 days ago•5 views

CVE-2026-10624

5.3CVSS5.3AI score0.00034EPSS

Exploits0References6Affected Software1

RedhatCVE•added 3 days ago•6 views

CVE-2026-10245

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...

5.1CVSS4.2AI score0.00034EPSS

Exploits0References1

RedhatCVE•added 3 days ago•6 views

CVE-2026-10263

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

7.5CVSS5.6AI score0.00033EPSS

Exploits0References1

NVD•added 3 days ago•9 views

CVE-2026-10558

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may...

6.5CVSS0.00046EPSS

Exploits0References6

Cvelist•added 3 days ago•32 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS0.00046EPSS

Exploits0References6

Vulnrichment•added 3 days ago•6 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS6.3AI score0.00046EPSS

Exploits0References6

CVE•added 3 days ago•11 views

CVE-2026-10559

CVE-2026-10559 affects SourceCodester Pizzafy Ecommerce System 1.0. The flaw is a file inclusion vulnerability in an unknown function of /index.php triggered by manipulation of the page argument, exploitable remotely . The exploit has been published. Per the sources, CVSS metrics indicate a MEDIU...

6.5CVSS6.3AI score0.00046EPSS

Exploits0References6

EUVD•added 3 days ago•6 views

EUVD-2026-33858

6.5CVSS6.4AI score0.00046EPSS

Exploits0References6

Cvelist•added 3 days ago•33 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS0.00046EPSS

Exploits0References6

ATTACKERKB•added 3 days ago•8 views

CVE-2026-10558

6.5CVSS6.4AI score0.00046EPSS

Exploits0References6Affected Software1

Vulnrichment•added 3 days ago•6 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS6.4AI score0.00046EPSS

Exploits0References6

EUVD•added 3 days ago•8 views

EUVD-2026-33835

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function addreview/savereview/getallreviews of the file reviewapp.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approac...

4.8CVSS5.5AI score0.00013EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by