Lucene search
K

217034 matches found

CVE
CVE
added 1 hour ago4 views

CVE-2026-14471

Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted tablename value that is interpolated into SQL statements in...

8.6CVSS
Exploits0References3
NVD
NVD
added 15 hours ago7 views

CVE-2026-14799

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 16 hours ago4 views

CVE-2026-14799

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS6.5AI score
Exploits0References6Affected Software1
CVE
CVE
added 16 hours ago7 views

CVE-2026-14799

CodeAstro Ecommerce Website 1.0 is affected by CVE-2026-14799 due to a SQL injection in /customer/my_account.php?my_wishlist when manipulating the delete_wishlist argument. The issue is exploitable remotely with a low-privilege, no-user-interaction path (network vector, low complexity; exploit ma...

6.5CVSS6.5AI score
Exploits0References6
NVD
NVD
added 16 hours ago7 views

CVE-2026-14796

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS
Exploits0References6
NVD
NVD
added 16 hours ago7 views

CVE-2026-14795

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 17 hours ago3 views

CVE-2026-14798

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of the argument visname leads to sql injection. The attack can be initiated remotely. The exploit is...

6.5CVSS6.6AI score
Exploits0References6Affected Software1
CVE
CVE
added 17 hours ago7 views

CVE-2026-14798

CVE-2026-14798 affects CodeAstro Apartment Visitor Management System 1.0. The issue arises from processing the parameter visname in the file /apartment-visitor/visitor-entry.php, which can lead to a SQL injection. The vulnerability is exploitable remotely, with a publicly available exploit. The s...

6.5CVSS6.6AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 17 hours ago4 views

CVE-2026-14797

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS6.6AI score
Exploits0References6Affected Software1
CVE
CVE
added 17 hours ago5 views

CVE-2026-14797

CodeAstro Apartment Visitor Management System 1.0 contains a SQL injection in /apartment-visitor/edit-apartment.php via manipulated editid. The vulnerability is remotely exploitable and affects unknown code paths in the file. Publicly disclosed exploits exist. The CVSS metrics indicate a network-...

6.5CVSS6.6AI score
Exploits0References6
Cvelist
Cvelist
added 17 hours ago9 views

CVE-2026-14797 CodeAstro Apartment Visitor Management System edit-apartment.php sql injection

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 17 hours ago5 views

CVE-2026-14796

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.5AI score
Exploits0References6Affected Software1
Cvelist
Cvelist
added 17 hours ago7 views

CVE-2026-14796 CodeAstro Apartment Visitor Management System report.php sql injection

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS
Exploits0References6
CVE
CVE
added 17 hours ago8 views

CVE-2026-14796

CVE-2026-14796 affects CodeAstro Apartment Visitor Management System 1.0. Affected component: /apartment-visitor/report.php; vulnerability: SQL injection triggered by manipulating the fromdate parameter. Attackable remotely over network with no user interaction; attacker privileges required: LOW....

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 17 hours ago7 views

EUVD-2026-41807

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS5.8AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 18 hours ago6 views

CVE-2026-14795

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...

6.5CVSS6.4AI score
Exploits0References6Affected Software1
Cvelist
Cvelist
added 18 hours ago6 views

CVE-2026-14795 CodeAstro Apartment Visitor Management System action-visitor.php sql injection

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...

6.5CVSS
Exploits0References6
CVE
CVE
added 18 hours ago6 views

CVE-2026-14795

CodeAstro Apartment Visitor Management System 1.0 contains a SQL injection vulnerability in the file /apartment-visitor/action-visitor.php, triggered via the remark parameter. The flaw allows remote attackers to manipulate SQL queries and may be exploited without user interaction. The exploitatio...

6.5CVSS6.4AI score
Exploits0References6
Nuclei
Nuclei
added 18 hours ago13 views

Citrix SD-WAN and NetScaler SD-WAN - SQL Injection

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 contain an SQL injection vulnerability. An unauthenticated attacker can exploit improper validation of input in specific components, which could allow for execution of arbitrary SQL queries against the backend database...

9.8CVSS7.4AI score0.94046EPSS
Exploits5References4
Nuclei
Nuclei
added 18 hours ago42 views

Ally – Web Accessibility & Usability <= 4.0.3 - SQL Injection

The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via the URL path in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user-supplied URL parameter in the getglobalremediations method, where it is directly concatenated...

7.5CVSS6.8AI score0.02289EPSS
Exploits1References2
Rows per page
Query Builder