Lucene search
K

216707 matches found

Vulnrichment
Vulnrichment
added 2026/04/05 4:30 a.m.1 views

CVE-2026-5543 PHPGurukul User Registration & Login and User Management System yesterday-reg-users.php sql injection

A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 4:30 a.m.3 views

CVE-2026-5543

A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/05 4:30 a.m.14 views

CVE-2026-5543

CVE-2026-5543 affects PHPGurukul User Registration & Login and User Management System 3.3. The vulnerability is in /admin/yesterday-reg-users.php where manipulation of the ID parameter enables SQL injection. Remote exploitation is possible, and a public exploit exists. No product versions, patche...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
NVD
NVD
added 2026/04/05 4:16 a.m.6 views

CVE-2026-5537

A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...

6.5CVSS0.00246EPSS
Exploits0References4
CVE
CVE
added 2026/04/05 3:45 a.m.17 views

CVE-2026-5540

The CVE-2026-5540 entry concerns code-projects Simple Laundry System 1.0. The vulnerability is located in an unknown portion of the file /modifymember.php within the Parameter Handler component. The issue arises from manipulation of the firstName argument, enabling SQL injection. The attack can b...

7.5CVSS6.9AI score0.00274EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 3:45 a.m.2 views

CVE-2026-5540 code-projects Simple Laundry System Parameter modifymember.php sql injection

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS6.9AI score0.00274EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/05 3:45 a.m.27 views

CVE-2026-5540 code-projects Simple Laundry System Parameter modifymember.php sql injection

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS0.00274EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 3:45 a.m.3 views

CVE-2026-5540

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/05 3:16 a.m.7 views

CVE-2026-5534

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

7.5CVSS0.00259EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 3:0 a.m.1 views

CVE-2026-5537

A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...

6.5CVSS5.6AI score0.00246EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/05 3:0 a.m.3 views

CVE-2026-5537 halex CourseSEL HTTP GET Parameter IndexController.class.php check_sel sql injection

A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function checksel of the file Apps/Index/Controller/IndexController.class.php of the component HTTP GET Parameter Handler. The manipulation of the argument seid leads to sql injection...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References4
CVE
CVE
added 2026/04/05 3:0 a.m.13 views

CVE-2026-5537

CVE-2026-5537 affects halex CourseSEL up to version 1.1.0. The vulnerability resides in the HTTP GET Parameter Handler, specifically the function check_sel in Apps/Index/Controller/IndexController.class.php, where manipulation of the seid argument leads to SQL injection. It can be triggered remot...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/05 1:45 a.m.25 views

CVE-2026-5534 itsourcecode Online Enrollment System Parameter index.php sql injection

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

7.5CVSS0.00259EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

Ask Expert Script 跨站脚本漏洞

Ask Expert Script is an online Q&A system script for the PHP Scripts Mall community. Version 3.0.5 of the Ask Expert Script contains a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting and SQL injection vulnerabilities, which may allow unverified attackers to...

9.8CVSS5.7AI score0.00465EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.7 views

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...

8.8CVSS5.8AI score0.00311EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

CodeAstro Online Classroom SQL注入漏洞

CodeAstro Online Classroom is an online classroom platform provided by CodeAstro Inc. Version 1.0 of CodeAstro Online Classroom has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “videotitle” in the file /OnlineClassroom/addvideos.php, which may...

6.5CVSS6.6AI score0.00257EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.7 views

PT-2026-30405

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.7 views

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability, which stems from the injection of SQL code through the idproject parameter. This vulnerability may lead to SQL injection attacks...

9.1CVSS5.9AI score0.00311EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30483

CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send GET requests to post.php with malicious 'post' values to extract sensitive database information or perfor...

8.8CVSS6AI score0.00405EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30484

Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...

8.8CVSS6.2AI score0.00465EPSS
Exploits1References4
Rows per page
Query Builder