Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

232681 matches found

NVD
NVDadded 5 days ago9 views

CVE-2026-49489

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS0.00029EPSS
Exploits0References4
Debian
Debianadded 5 days ago8 views

[SECURITY] [DSA 6312-1] symfony security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6312-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 31, 2026 https://www.debian.org/security/faq -...

7.3CVSS7.4AI score0.88664EPSS
Exploits0
CVE
CVEadded 5 days ago17 views

CVE-2026-49490

OpenCATS (version 0.9.1a) contains an SQL injection in DataGrid filter handling for the Tags column in the Candidates DataGrid. The vulnerability can be exploited by authenticated attackers who manipulate filter requests to bypass column filter restrictions and execute arbitrary SQL queries again...

8.6CVSS6.1AI score0.00026EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 5 days ago9 views

CVE-2026-49490

OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...

8.6CVSS6.1AI score0.00026EPSS
Exploits0References3
Cvelist
Cvelistadded 5 days ago26 views

CVE-2026-49490 OpenCATS - SQL Injection in DataGrid Filter Handling for Tags Column

OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...

8.6CVSS0.00026EPSS
Exploits0References2
CVE
CVEadded 5 days ago14 views

CVE-2026-49489

OpenCATS up to version 0.9.7.4 is affected by an SQL injection in the DataGrid sortDirection parameter, enabling an authenticated user to exfiltrate data via ajax/getDataGridPager.php. The underlying issue is a vulnerable sortDirection parameter that allows time-based blind injections, potentiall...

8.5CVSS5.9AI score0.00029EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 5 days ago5 views

CVE-2026-49489 OpenCATS - SQL Injection in DataGrid sortDirection Parameter

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS5.9AI score0.00029EPSS
Exploits0References4
NVD
NVDadded 5 days ago9 views

CVE-2026-10178

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may ...

7.5CVSS0.00033EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 5 days ago8 views

CVE-2026-10178

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may ...

7.5CVSS7AI score0.00033EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 5 days ago4 views

CVE-2026-10178 code-projects Online Music Site AdminEditAlbum.php sql injection

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may ...

7.5CVSS5.7AI score0.00033EPSS
Exploits0References6
Cvelist
Cvelistadded 5 days ago27 views

CVE-2026-10178 code-projects Online Music Site AdminEditAlbum.php sql injection

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may ...

7.5CVSS0.00033EPSS
Exploits0References6
EUVD
EUVDadded 5 days ago9 views

EUVD-2026-33498

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may ...

7.5CVSS7AI score0.00033EPSS
Exploits0References6
CVE
CVEadded 5 days ago12 views

CVE-2026-10178

CVE-2026-10178 affects code-projects Online Music Site 1.0. The vulnerability is due to manipulation of the argument ID in the file /Administrator/PHP/AdminEditAlbum.php, leading to an SQL injection. The attack can be performed remotely, and the exploit is publicly available. No remediation or pa...

7.5CVSS7AI score0.00033EPSS
Exploits0References6
NVD
NVDadded 5 days ago9 views

CVE-2026-10176

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

6.5CVSS0.00033EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 5 days ago7 views

CVE-2026-10176

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

6.5CVSS6.4AI score0.00033EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 5 days ago24 views

CVE-2026-10176 Aider-AI Aider Code Generation Workflow sql injection

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

6.5CVSS0.00033EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 5 days ago7 views

CVE-2026-10176 Aider-AI Aider Code Generation Workflow sql injection

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and...

6.5CVSS6.4AI score0.00033EPSS
Exploits0References6
NVD
NVDadded 5 days ago11 views

CVE-2026-10171

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

5.8CVSS0.00027EPSS
Exploits0References5
NVD
NVDadded 5 days ago12 views

CVE-2026-10170

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may be...

6.5CVSS0.00028EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 5 days ago7 views

CVE-2026-10171

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

5.8CVSS5.7AI score0.00027EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder