Lucene search
K

234727 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/27 2:25 a.m.3 views

CVE-2026-4908

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from remote. The exploit...

7.5CVSS6.8AI score0.00393EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 2:25 a.m.3 views

CVE-2026-4908 code-projects Simple Laundry System Parameter modstaffinfo.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from remote. The exploit...

7.5CVSS6.8AI score0.00393EPSS
Exploits1References5
CVE
CVE
added 2026/03/27 2:25 a.m.12 views

CVE-2026-4908

The CVE-2026-4908 entry concerns code-projects Simple Laundry System 1.0. The vulnerability resides in the Parameter Handler’s modstaffinfo.php, where manipulating the userid parameter enables SQL injection. The flaw is exploitable remotely and has seen public exploit activity. Connected sources ...

9.8CVSS6.8AI score0.00393EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/27 12:31 a.m.4 views

EUVD-2026-16458

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and...

6.9CVSS5.6AI score0.00433EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00446EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28682

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/27 12:0 a.m.2 views

CVE-2026-24031

Dovecot SQL based authentication can be bypassed when authusernamechars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear authusernamechars. If this is not possible, install latest fixed version. No publicly available exploits...

8.2CVSS5.9AI score0.00395EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2026/03/27 12:0 a.m.7 views

Grafana -- RCE on Grafana via sqlExpressions

https://grafana.com/security/security-advisories/cve-2026-27876 reports: A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avo...

9.1CVSS6.6AI score0.01929EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.21 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

0.00328EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30534

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...

6AI score0.00328EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/27 12:0 a.m.21 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

0.00446EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30533

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...

6AI score0.00394EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.1 views

CVE-2026-30531

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00445EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:0 a.m.2 views

CVE-2026-30529

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...

6AI score0.00446EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28673

Name of the Vulnerable Software and Affected Versions Shenzhen Ruiming Technology Streamax Crocus versions up to 1.3.44 Description A security issue exists in Shenzhen Ruiming Technology Streamax Crocus. The issue involves a SQL injection affecting an unknown function within the /RemoteFormat.do...

7.5CVSS5.6AI score0.00259EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28404

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save category action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious...

8.8CVSS6AI score0.00445EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.6 views

Code-Projects Simple Laundry System SQL注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a SQL...

9.8CVSS7.2AI score0.00393EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.2 views

PT-2026-28624

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions up to and including 26.0 Description WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Live schedule::keyExists method builds a SQL query by directly inserting a stream key into the...

9.1CVSS5.8AI score0.00344EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.7 views

WWBN AVideo SQL注入漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contain an SQL injection vulnerability. This vulnerability stems from the Liveschedule::keyExists method, which does not protect parameterized queries, potentially allowing...

9.1CVSS5.8AI score0.00344EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28406

A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage product.php file via the "id" parameter...

9.8CVSS6AI score0.00394EPSS
Exploits1References2
Rows per page
Query Builder