
234690 matches found

Vulnrichment
added 2026/03/31 4:0 a.m., 2 views

CVE-2026-5179 SourceCodester Simple Doctors Appointment System login.php sql injection

A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

7.5 CVSS, 7 AI score, 0.00259 EPSS
Exploits: 0, References: 5
GithubExploit
added 2026/03/31 2:2 a.m., 40 views

Exploit for CVE-2026-7299

CVE-2026-7299 - Appsmith 1.98 Stored XSS SQL Autocomplete inn...

6.3 CVSS, 5.9 AI score, 0.00341 EPSS
Exploits: 2
OSV
added 2026/03/31 1:31 a.m., 5 views

CVE-2026-32714 SciTokens vulnerable to SQL Injection in KeyCache

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the KeyCache class in scitokens was vulnerable to SQL Injection because it used Python's str.format to construct SQL queries with user-supplied data such as issuer and keyid. This allowed an attacker to...

9.8 CVSS, 6.1 AI score, 0.00492 EPSS
Exploits: 1, References: 5
CVE
added 2026/03/31 1:31 a.m., 16 views

CVE-2026-32714

SciTokens before v1.9.6 is affected: the KeyCache class builds SQL queries using Python string formatting, allowing SQL injection via user-supplied data (issuer, key_id) that could compromise the local SQLite database. The issue is fixed in v1.9.6. Affected software: SciTokens library; vulnerabil...

9.8 CVSS, 6.1 AI score, 0.00492 EPSS
Exploits: 1, References: 3, Affected Software: 1
NVD
added 2026/03/31 1:16 a.m., 3 views

CVE-2026-27697

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

9.8 CVSS, 0.00412 EPSS
Exploits: 0, References: 3
OSV
added 2026/03/31 12:44 a.m., 8 views

CVE-2026-27697 baserCMS: SQL injection vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9 CVSS, 7.1 AI score, 0.00412 EPSS
Exploits: 0, References: 5
ATTACKERKB
added 2026/03/31 12:44 a.m., 3 views

CVE-2026-27697

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9 CVSS, 5.8 AI score, 0.00412 EPSS
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2026/03/31 12:44 a.m., 17 views

CVE-2026-27697

CVE-2026-27697 affects baserCMS before version 5.2.3, where a SQL injection vulnerability exists in the blog posts functionality. The issue, traced to the blog post handling, can allow an attacker to execute arbitrary SQL statements. baserCMS has patched this in 5.2.3; users on earlier versions s...

9.8 CVSS, 7.1 AI score, 0.00412 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2026/03/31 12:44 a.m., 26 views

CVE-2026-27697 baserCMS: SQL injection vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9 CVSS, 0.00412 EPSS
Exploits: 0, References: 3
CNVD
added 2026/03/31 12:0 a.m., 2 views

HCL Aftermarket DPC Input Validation Error Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from an input validation error vulnerability that can be exploited by an attacker to inject executable code and perform cross-site scripting, SQL injection, command injectio...

9.8 CVSS, 5.9 AI score, 0.00997 EPSS
Exploits: 0
CNNVD
added 2026/03/31 12:0 a.m., 6 views

Code-Projects Student Membership System SQL Injection Vulnerability

The Code-Projects Student Membership System is an open-source student management system developed by Code-Projects. Version 1.0 of the Code-Projects Student Membership System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file...

6.5 CVSS, 6.6 AI score, 0.00192 EPSS
Exploits: 0, References: 5
CNNVD
added 2026/03/31 12:0 a.m., 6 views

SourceCodester Loan Management System Security Vulnerability

The SourceCodester Loan Management System is an open-source loan management system developed by SourceCodester. Version 1.0 of the SourceCodester Loan Management System has a security vulnerability. This vulnerability stems from improper sanitization of the borrowerid parameter in the file...

5.4 CVSS, 5.8 AI score, 0.0022 EPSS
Exploits: 1, References: 1
CNNVD
added 2026/03/31 12:0 a.m., 7 views

Code-Projects Student Membership System SQL Injection Vulnerability

Code-Projects Student Membership System is an open-source student management system developed by Code-Projects. Version 1.0 of the Code-Projects Student Membership System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the file...

6.5 CVSS, 6.6 AI score, 0.00192 EPSS
Exploits: 0, References: 5
Cvelist
added 2026/03/31 12:0 a.m., 19 views

CVE-2026-30520

A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file, specifically the saveloan action. The application fails to properly sanitize user input supplied to the "borrowerid" parameter in a POST request, allowing an...

0.0022 EPSS
Exploits: 1, References: 1
CNNVD
added 2026/03/31 12:0 a.m., 6 views

Code-Projects Simple Gym Management System SQL Injection Vulnerability

Code-Projects Simple Gym Management System is an open-source gym management system developed by Code-Projects. Version 1.0 of the Code-Projects Simple Gym Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations on parameters such as...

6.5 CVSS, 6.7 AI score, 0.00192 EPSS
Exploits: 0, References: 5
CNNVD
added 2026/03/31 12:0 a.m., 7 views

SourceCodester Simple Doctors Appointment System SQL Injection Vulnerability

SourceCodester Simple Doctors Appointment System is an easy doctor appointment system developed under the open-source framework of SourceCodester. Version 1.0 of the SourceCodester Simple Doctors Appointment System has a SQL injection vulnerability. This vulnerability arises from incorrect handli...

7.5 CVSS, 7.2 AI score, 0.00325 EPSS
Exploits: 0, References: 5
CNNVD
added 2026/03/31 12:0 a.m., 6 views

SourceCodester Simple Doctors Appointment System SQL Injection Vulnerability

SourceCodester Simple Doctors Appointment System is an easy doctor appointment system developed under the open-source framework of SourceCodester. Version 1.0 of the SourceCodester Simple Doctors Appointment System has a SQL injection vulnerability. This vulnerability arises from incorrect handli...

7.5 CVSS, 7.2 AI score, 0.00259 EPSS
Exploits: 0, References: 5
Positive Technologies
added 2026/03/31 12:0 a.m., 4 views

PT-2026-29215

SQL injection (SQLi) vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database. Specifically, they could manipulate the value of the 'timezone' request parameter by includin...

9.3 CVSS, 6.2 AI score, 0.00345 EPSS
Exploits: 0, References: 2
VulnCheck KEV
added 2026/03/31 12:0 a.m., 2 views

VulnCheck KEV: CVE-2025-54726

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows SQL Injection. This issue affects JS Archive List: from n/a through 6.1.6...

9.3 CVSS, 5.9 AI score, 0.01425 EPSS
In wild, Exploits: 2, References: 2
Positive Technologies
added 2026/03/31 12:0 a.m., 3 views

PT-2026-29190

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. Manipulation of the argument email causes SQL injection. The attack can be carried out remotely. The exploit has been...

7.5 CVSS, 5.8 AI score, 0.00325 EPSS
Exploits: 0, References: 6