Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

216506 matches found

Cvelist
Cvelistadded 2026/04/27 10:30 a.m.30 views

CVE-2026-7115 code-projects Employee Management System delete.php sql injection

A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might ...

6.5CVSS0.00192EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 10:30 a.m.17 views

CVE-2026-7115

CVE-2026-7115 affects code-projects Employee Management System 1.0, with a vulnerability in the file 370project/delete.php. The issue arises from manipulating the argument ID, allowing SQL injection. Attacks may be launched remotely, and the exploit is publicly available. Current documents do not...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 10:24 a.m.7 views

CVE-2026-22336

CVE-2026-22336 affects the WordPress plugin Directorist Booking. It exposes an unauthenticated SQL Injection in versions up to 2.4.1, arising from improper neutralization of input used in SQL commands. Impact per sources is high: potential data disclosure or manipulation with no user interaction ...

9.3CVSS5.6AI score0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/27 10:24 a.m.4 views

CVE-2026-22336 WordPress Directorist Booking plugin < 3.0.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2...

9.3CVSS5.6AI score0.00283EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/27 10:24 a.m.3 views

CVE-2026-22336

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2...

9.3CVSS5.6AI score0.00283EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/27 10:15 a.m.33 views

CVE-2026-7114 code-projects Employee Management System edit.php sql injection

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 10:15 a.m.5 views

CVE-2026-7114

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilize...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5Affected Software1
GithubExploit
GithubExploitadded 2026/04/27 8:29 a.m.86 views

Sentinal-ai

Sentinal-ai Free, offline...

5.7AI score
Exploits0
NVD
NVDadded 2026/04/27 6:16 a.m.4 views

CVE-2026-7087

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=savesales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...

7.5CVSS0.00254EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/27 4:45 a.m.4 views

EUVD-2026-25772

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS5.5AI score0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 4:45 a.m.2 views

CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 4:45 a.m.29 views

CVE-2026-7088 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 4:45 a.m.6 views

CVE-2026-7088

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=savereceiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS5.5AI score0.00254EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/27 4:45 a.m.20 views

CVE-2026-7088

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in /ajax.php?action=save_receiving triggered by manipulating the ID parameter. The flaw is exploitable remotely and the exploit is publicly available. No remediation details are provided in the documents.

7.5CVSS7.4AI score0.00254EPSS
Exploits0References5
CVE
CVEadded 2026/04/27 4:30 a.m.11 views

CVE-2026-7087

SourceCodester Pharmacy Sales and Inventory System 1.0 contains a SQL injection in /ajax.php?action=save_sales via manipulation of the ID parameter. The flaw is triggered remotely, allowing an attacker to influence the database query. The exploit is public and may be used for attacks. The descrip...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5
NVD
NVDadded 2026/04/27 4:16 a.m.6 views

CVE-2026-7083

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

5.8CVSS0.00253EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/27 3:30 a.m.5 views

CVE-2026-7083

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

5.8CVSS5.2AI score0.00253EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/27 3:30 a.m.15 views

CVE-2026-7083

CVE-2026-7083 affects likeadmin-likeshop likeadmin_php up to 1.9.6. The vulnerability is in the function queryResult of server\app\adminapi\lists\tools\DataTableLists.php within the DataTable Admin API. This manipulation leads to a SQL injection vulnerability that can be exploited remotely. The e...

5.8CVSS5.1AI score0.00253EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/27 3:30 a.m.27 views

CVE-2026-7083 likeadmin-likeshop likeadmin_php dataTable Admin API DataTableLists.php queryResult sql injection

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

5.8CVSS0.00253EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/27 3:30 a.m.2 views

CVE-2026-7083 likeadmin-likeshop likeadmin_php dataTable Admin API DataTableLists.php queryResult sql injection

A vulnerability has been found in likeadmin-likeshop likeadminphp up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the component dataTable Admin API. The manipulation leads to sql injection. The attack is possible to...

5.8CVSS4.9AI score0.00253EPSS
Exploits0References5
Rows per page
Query Builder