CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

216356 matches found

CVE•added 2026/04/09 2:22 p.m.•25 views

CVE-2026-4112

SonicWall SMA1000 series devices are affected by CVE-2026-4112, an SQL injection vulnerability caused by improper neutralization of special elements. A remote authenticated attacker with read-only administrator privileges can escalate to primary administrator. The issue is documented by SonicWall...

7.2CVSS7.1AI score0.00613EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/04/09 2:22 p.m.•1 views

CVE-2026-4112

Improper neutralization of special elements used in an SQL command “SQL Injection” in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator...

7.1AI score0.00613EPSS

Exploits0References2

EUVD•added 2026/04/09 12:31 p.m.•1 views

EUVD-2026-20886

Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control Syst...

8.7CVSS6.1AI score0.0029EPSS

Exploits0References3

Vulnrichment•added 2026/04/09 9:41 a.m.•1 views

CVE-2026-34185 SQL Injection in Hydrosystem Control System

8.7CVSS6.1AI score0.0029EPSS

Exploits0References2

ATTACKERKB•added 2026/04/09 9:41 a.m.•3 views

CVE-2026-34185

8.7CVSS6.1AI score0.0029EPSS

Exploits0References3

EUVD•added 2026/04/09 6:30 a.m.•3 views

EUVD-2026-20836

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

7.5CVSS6.8AI score0.00259EPSS

Exploits0References6

NVD•added 2026/04/09 5:16 a.m.•4 views

CVE-2026-5839

A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

5.8CVSS0.00202EPSS

Exploits0References5

NVD•added 2026/04/09 5:16 a.m.•2 views

CVE-2026-5840

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS0.00202EPSS

Exploits0References5

NVD•added 2026/04/09 5:16 a.m.•1 views

CVE-2026-5838

A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unknown code of the file /admin/add-subadmins.php. This manipulation of the argument sadminusername causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed...

5.8CVSS0.00202EPSS

Exploits0References5

NVD•added 2026/04/09 4:17 a.m.•2 views

CVE-2026-5837

7.5CVSS0.00259EPSS

Exploits0References5

Cvelist•added 2026/04/09 4:0 a.m.•30 views

CVE-2026-5840 PHPGurukul News Portal Project check_availability.php sql injection

5.8CVSS0.00202EPSS

Exploits0References5

ATTACKERKB•added 2026/04/09 4:0 a.m.•2 views

CVE-2026-5840

5.8CVSS5.7AI score0.00202EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/09 4:0 a.m.•4 views

CVE-2026-5840 PHPGurukul News Portal Project check_availability.php sql injection

5.8CVSS5.7AI score0.00202EPSS

Exploits0References5

CVE•added 2026/04/09 4:0 a.m.•11 views

CVE-2026-5840

The CVE-2026-5840 entry concerns PHPGurukul News Portal Project 4.1. It specifies a SQL injection in an unknown function of /admin/check_availability.php arising from manipulation of the Username parameter, with remote exploitation possible. Public exploit is noted. No additional remediation step...

5.8CVSS5.7AI score0.00202EPSS

Exploits0References5

CVE•added 2026/04/09 3:45 a.m.•8 views

CVE-2026-5839

The CVE-2026-5839 entry affects PHPGurukul News Portal Project 4.1, where the SQL injection arises from unsafely processing the sucatdescription parameter in /admin/add-subcategory.php. The vulnerability is triggered remotely and is associated with a publicly available exploit. The provided docum...

5.8CVSS5.8AI score0.00202EPSS

Exploits0References5

Cvelist•added 2026/04/09 3:45 a.m.•29 views

CVE-2026-5839 PHPGurukul News Portal Project add-subcategory.php sql injection

5.8CVSS0.00202EPSS

Exploits0References5

ATTACKERKB•added 2026/04/09 3:45 a.m.•2 views

CVE-2026-5839

5.8CVSS5.8AI score0.00202EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/09 3:45 a.m.•1 views

CVE-2026-5839 PHPGurukul News Portal Project add-subcategory.php sql injection

5.8CVSS5.8AI score0.00202EPSS

Exploits0References5

EUVD•added 2026/04/09 3:31 a.m.•2 views

EUVD-2026-20823

A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument postid causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

7.5CVSS6.8AI score0.00254EPSS

Exploits0References6

CVE•added 2026/04/09 3:30 a.m.•6 views

CVE-2026-5838

The CVE concerns PHPGurukul News Portal Project 4.1. A vulnerability exists in unknown code of the file /admin/add-subadmins.php where manipulation of the argument sadminusername leads to SQL injection. The attack may be initiated remotely, and the exploit has been publicly disclosed and may be u...

5.8CVSS5.8AI score0.00202EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by