Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

233820 matches found

Vulnrichment
Vulnrichmentadded 2026/05/01 3:45 a.m.2 views

CVE-2026-7550 SourceCodester Pharmacy Sales and Inventory System ajax.php save_customer sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS6.8AI score0.00043EPSS
Exploits0References5
CVE
CVEadded 2026/05/01 3:45 a.m.3 views

CVE-2026-7550

CVE-2026-7550 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is in an unknown function of the file /ajax.php?action=save_customer where manipulation of the argument ID leads to an SQL injection. It is exploitable remotely and the exploit has been disclosed publi...

7.5CVSS7.3AI score0.00043EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/01 3:45 a.m.2 views

EUVD-2026-26476

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS5.5AI score0.00043EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/01 3:30 a.m.4 views

CVE-2026-7549 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS6.8AI score0.00043EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/01 3:30 a.m.3 views

EUVD-2026-26475

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS5.3AI score0.00043EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/01 3:30 a.m.29 views

CVE-2026-7549 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS0.00043EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/01 3:30 a.m.1 views

CVE-2026-7549

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

7.5CVSS5.3AI score0.00043EPSS
Exploits0References5Affected Software1
Fedora
Fedoraadded 2026/05/01 3:6 a.m.4 views

[SECURITY] Fedora 43 Update: openbao-2.5.3-1.fc43

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

7.5CVSS5.4AI score0.00054EPSS
Exploits1
CVE
CVEadded 2026/05/01 1:45 a.m.7 views

CVE-2026-7545

SourceCodester Advanced School Management System 1.0 is affected by an SQL injection in the checkEmail endpoint, specifically via the commonController.php function. The vulnerability stems from manipulation of an element within that file, enabling remote exploitation. The exploit has been publicl...

7.5CVSS7.3AI score0.00043EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/01 1:45 a.m.2 views

CVE-2026-7545 SourceCodester Advanced School Management System checkEmail Endpoint commonController.php sql injection

A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS6.8AI score0.00043EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/01 1:45 a.m.2 views

EUVD-2026-26471

A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS7.3AI score0.00043EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/01 1:45 a.m.36 views

CVE-2026-7545 SourceCodester Advanced School Management System checkEmail Endpoint commonController.php sql injection

A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS0.00043EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/01 1:45 a.m.3 views

CVE-2026-7545

A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is possible. The...

7.5CVSS5.3AI score0.00043EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2026/05/01 12:0 a.m.5 views

SourceCodester Advanced School Management System 注入漏洞

SourceCodester Advanced School Management System is an advanced school management system developed by SourceCodester as open source. Version 1.0 of the SourceCodester Advanced School Management System has a vulnerability related to SQL injection, which originates from an unknown function in the...

7.5CVSS7.1AI score0.00043EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/01 12:0 a.m.5 views

EUVD-2026-26669

SQL Injection via ORDER BY clause in V2Board thru 1.7.4. In app/Http/Controllers/Admin/UserController.php, the sort parameter from user input is passed directly to User::orderBy$sort, $sortType without validation. An authenticated admin can sort users by any database column including password,...

4.9CVSS5.9AI score0.00035EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/01 12:0 a.m.1 views

CVE-2026-42474

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

6.5CVSS5.8AI score0.00045EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/01 12:0 a.m.3 views

PT-2026-36298

A vulnerability was found in code-projects Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit exercises.php. The manipulation of the argument edit exercise results in sql injection. It is possible to launch the attack remotely. The exploi...

5.8CVSS5.7AI score0.00039EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/05/01 12:0 a.m.1 views

PT-2026-36302

A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

7.5CVSS7AI score0.00043EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/05/01 12:0 a.m.4 views

CVE-2026-37505

SQL Injection via ORDER BY clause in V2Board thru 1.7.4. In app/Http/Controllers/Admin/UserController.php, the sort parameter from user input is passed directly to User::orderBy$sort, $sortType without validation. An authenticated admin can sort users by any database column including password,...

4.9CVSS5.9AI score0.00035EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/01 12:0 a.m.26 views

CVE-2026-37505

SQL Injection via ORDER BY clause in V2Board thru 1.7.4. In app/Http/Controllers/Admin/UserController.php, the sort parameter from user input is passed directly to User::orderBy$sort, $sortType without validation. An authenticated admin can sort users by any database column including password,...

4.9CVSS0.00035EPSS
Exploits0References2
Rows per page
Query Builder