CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

216210 matches found

EUVD•added 2026/05/08 3:30 a.m.•8 views

EUVD-2026-28488

A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file postcomment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

7.5CVSS5.6AI score0.00254EPSS

Exploits0References6

Cvelist•added 2026/05/08 3:30 a.m.•33 views

CVE-2026-8133 zyx0814 FilePress Shares Filelist API admin.php sql injection

A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file dzz/shares/admin.php of the component Shares Filelist API. Such manipulation of the argument order leads to sql injection. The attack can be launched...

7.5CVSS0.00272EPSS

Exploits0References8

ATTACKERKB•added 2026/05/08 3:30 a.m.•4 views

CVE-2026-8133

7.5CVSS6.7AI score0.00272EPSS

Exploits0References8Affected Software1

Vulnrichment•added 2026/05/08 3:30 a.m.•6 views

CVE-2026-8133 zyx0814 FilePress Shares Filelist API admin.php sql injection

7.5CVSS6.7AI score0.00272EPSS

Exploits0References8

Vulnrichment•added 2026/05/08 3:15 a.m.•5 views

CVE-2026-8132 CodeAstro Leave Management System login.php sql injection

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS6.9AI score0.00254EPSS

Exploits0References5

CVE•added 2026/05/08 3:15 a.m.•11 views

CVE-2026-8132

CVE-2026-8132 affects CodeAstro Leave Management System 1.0. The vulnerability resides in an unknown function of login.php, where manipulation of the txt_username argument enables SQL injection. The issue can be triggered remotely and the exploit has been made public, indicating realism and poten...

7.5CVSS6.9AI score0.00254EPSS

Exploits0References5

Cvelist•added 2026/05/08 3:0 a.m.•25 views

CVE-2026-8131 SourceCodester SUP Online Shopping replymsg.php sql injection

A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS0.00318EPSS

Exploits0References5

Vulnrichment•added 2026/05/08 3:0 a.m.•6 views

CVE-2026-8131 SourceCodester SUP Online Shopping replymsg.php sql injection

7.5CVSS6.9AI score0.00318EPSS

Exploits0References5

CVE•added 2026/05/08 3:0 a.m.•10 views

CVE-2026-8131

SourceCodester SUP Online Shopping 1.0 contains a SQL injection in /admin/replymsg.php via the msgid parameter. The affected component is a server-side PHP script handling admin replies. Exploitation is remote and the vulnerability is evidenced by publicly released exploits; CVSS data indicate a ...

7.5CVSS6.9AI score0.00318EPSS

Exploits0References5

Cvelist•added 2026/05/08 2:45 a.m.•27 views

CVE-2026-8130 SourceCodester SUP Online Shopping message.php sql injection

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be...

7.5CVSS0.00254EPSS

Exploits0References5

ATTACKERKB•added 2026/05/08 2:45 a.m.•4 views

CVE-2026-8130

7.5CVSS7AI score0.00254EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/08 2:30 a.m.•8 views

CVE-2026-8129

SourceCodester SUP Online Shopping 1.0 is affected. The vulnerability targets wishlist.php via manipulation of the delwlistid parameter, causing SQL injection. This can be exploited remotely, and public exploits have been disclosed. CVSS data across versions indicates a high-severity impact (AV:N...

7.5CVSS6.9AI score0.00254EPSS

Exploits0References5

ATTACKERKB•added 2026/05/08 2:30 a.m.•3 views

CVE-2026-8129

A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly...

7.5CVSS6.9AI score0.00254EPSS

Exploits0References5Affected Software1

NVD•added 2026/05/08 2:16 a.m.•10 views

CVE-2026-8125

A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...

6.5CVSS0.0025EPSS

Exploits0References5

ATTACKERKB•added 2026/05/08 2:15 a.m.•4 views

CVE-2026-8128

A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made...

7.5CVSS6.9AI score0.00254EPSS

Exploits0References5Affected Software1

ATTACKERKB•added 2026/05/08 1:45 a.m.•5 views

CVE-2026-8126

7.5CVSS6.8AI score0.00254EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/08 1:45 a.m.•30 views

CVE-2026-8126 SourceCodester Comment System post_comment.php sql injection

7.5CVSS0.00254EPSS

Exploits0References5

Vulnrichment•added 2026/05/08 1:45 a.m.•7 views

CVE-2026-8126 SourceCodester Comment System post_comment.php sql injection