Lucene search
K

234710 matches found

NVD
NVD
added 2026/03/27 4:16 a.m.2 views

CVE-2026-4910

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus up to 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack...

7.5CVSS0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/27 3:1 a.m.2 views

CVE-2026-4910 Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus up to 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/27 3:1 a.m.35 views

CVE-2026-4910 Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus up to 1.3.44. Affected is an unknown function of the file /RemoteFormat.do of the component Endpoint. Such manipulation of the argument State leads to sql injection. It is possible to launch the attack...

7.5CVSS0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/03/27 3:1 a.m.8 views

CVE-2026-4910

CVE-2026-4910 affects Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44. The vulnerability resides in an unknown function of the file /RemoteFormat.do in the Endpoint component, where manipulation of the argument State results in SQL injection. It can be triggered remotely, with exploitation...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/27 2:25 a.m.3 views

CVE-2026-4908

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from remote. The exploit...

7.5CVSS6.8AI score0.00393EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 2:25 a.m.3 views

CVE-2026-4908 code-projects Simple Laundry System Parameter modstaffinfo.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from remote. The exploit...

7.5CVSS6.8AI score0.00393EPSS
Exploits1References5
CVE
CVE
added 2026/03/27 2:25 a.m.12 views

CVE-2026-4908

The CVE-2026-4908 entry concerns code-projects Simple Laundry System 1.0. The vulnerability resides in the Parameter Handler’s modstaffinfo.php, where manipulating the userid parameter enables SQL injection. The flaw is exploitable remotely and has seen public exploit activity. Connected sources ...

9.8CVSS6.8AI score0.00393EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/27 12:31 a.m.4 views

EUVD-2026-16458

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and...

6.9CVSS5.6AI score0.00433EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00446EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28681

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28682

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/27 12:0 a.m.2 views

CVE-2026-24031

Dovecot SQL based authentication can be bypassed when authusernamechars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear authusernamechars. If this is not possible, install latest fixed version. No publicly available exploits...

8.2CVSS5.9AI score0.00395EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.21 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

0.00328EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

6AI score0.00328EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.21 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

0.00446EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30533

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...

6AI score0.00394EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30531

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00445EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.2 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00446EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.7 views

SourceCodester Online Food Ordering System 安全漏洞

The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the saveuser operation in the Actions.php file,...

8.8CVSS5.9AI score0.00446EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28404

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save category action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious...

8.8CVSS6AI score0.00445EPSS
Exploits1References2
Rows per page
Query Builder