Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

16049 matches found

NVD
NVDadded 2026/03/09 12:16 p.m.4 views

CVE-2026-3817

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may ...

6.9CVSS0.00016EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/03/09 11:32 a.m.3 views

CVE-2026-3817 SourceCodester Patients Waiting Area Queue Management System patient-search.php improper authorization

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may ...

6.9CVSS5.9AI score0.00016EPSS
Exploits1References5
CVE
CVEadded 2026/03/09 11:32 a.m.10 views

CVE-2026-3817

The CVE-2026-3817 entry concerns SourceCodester Patients Waiting Area Queue Management System 1.0. Affected component: the file /patient-search.php, where manipulation leads to improper authorization. Root cause is an authorization bypass allowing remote access. Exploitation is reported as public...

6.9CVSS5.9AI score0.00016EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/03/09 11:32 a.m.26 views

CVE-2026-3817 SourceCodester Patients Waiting Area Queue Management System patient-search.php improper authorization

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may ...

6.9CVSS0.00016EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/03/09 8:2 a.m.4 views

CVE-2026-3702

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

6.1CVSS4.3AI score0.00048EPSS
Exploits1References1
EUVD
EUVDadded 2026/03/09 6:31 a.m.2 views

EUVD-2026-10291

A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclose...

8.8CVSS6.3AI score0.00048EPSS
Exploits1References6
EUVD
EUVDadded 2026/03/09 6:31 a.m.3 views

EUVD-2026-10299

A weakness has been identified in SourceCodester/janobe Resort Reservation System 1.0. This issue affects some unknown processing of the file /roomrates.php. This manipulation of the argument q causes sql injection. The attack can be initiated remotely. The exploit has been made available to the...

8.8CVSS6.5AI score0.00037EPSS
Exploits1References5
CVE
CVEadded 2026/03/09 6:2 a.m.9 views

CVE-2026-3806

CVE-2026-3806 affects SourceCodester/janobe Resort Reservation System 1.0. The vulnerability is a SQL injection in an unknown handling of /room_rates.php triggered by the q parameter. Exploitation can be conducted remotely; the exploit has been publicly released and PoCs exist. No remediation det...

8.8CVSS6.5AI score0.00037EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2026/03/09 4:16 a.m.1 views

CVE-2026-3800

A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclose...

8.8CVSS5.5AI score0.00048EPSS
Exploits1References5
NVD
NVDadded 2026/03/09 4:16 a.m.3 views

CVE-2026-3800

A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclose...

8.8CVSS0.00048EPSS
Exploits1References5
EUVD
EUVDadded 2026/03/09 3:30 a.m.2 views

EUVD-2026-10282

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...

8.8CVSS6.4AI score0.00037EPSS
Exploits1References6
EUVD
EUVDadded 2026/03/09 3:30 a.m.3 views

EUVD-2026-10281

A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...

8.8CVSS6.4AI score0.00037EPSS
Exploits1References6
NVD
NVDadded 2026/03/09 2:15 a.m.1 views

CVE-2026-3792

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...

8.8CVSS0.00037EPSS
Exploits1References5
OSV
OSVadded 2026/03/09 2:15 a.m.1 views

CVE-2026-3792

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...

8.8CVSS5.6AI score
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/09 1:32 a.m.3 views

CVE-2026-3793

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file salesinvoice1.php of the component GET Parameter Handler. This manipulation of the argument sellid causes sql injection. It is possible to initiate the attack...

6.5CVSS6.5AI score0.00013EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/09 1:32 a.m.2 views

CVE-2026-3793 SourceCodester Sales and Inventory System GET Parameter sales_invoice1.php sql injection

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file salesinvoice1.php of the component GET Parameter Handler. This manipulation of the argument sellid causes sql injection. It is possible to initiate the attack...

6.5CVSS5.7AI score0.00013EPSS
Exploits1References5
CVE
CVEadded 2026/03/09 1:32 a.m.10 views

CVE-2026-3793

SourceCodester Sales and Inventory System 1.0 contains a GET parameter handling flaw in sales_invoice1.php (sellid) that enables SQL injection. The vulnerability is remotely exploitable and has publicly disclosed exploits. Remediation guidance from PT-2026-23998 suggests applying a fix to the SQL...

8.8CVSS6.5AI score0.00013EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/03/09 1:15 a.m.1 views

CVE-2026-3791

A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...

8.8CVSS5.6AI score
Exploits0References5
NVD
NVDadded 2026/03/09 1:15 a.m.1 views

CVE-2026-3791

A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...

8.8CVSS0.00037EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/03/09 1:2 a.m.1 views

CVE-2026-3792

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchaseinvoice.php of the component GET Parameter Handler. The manipulation of the argument purchaseid results in sql injection. The attack may be performed from remote. The explo...

6.5CVSS6.4AI score0.00037EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder