CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1229 matches found

CVE-2026-11495

A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/addstock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...

6.5CVSS

Exploits0References6

CVE•added 7 hours ago•15 views

CVE-2026-11495

The CVE affects CodeAstro Ingredients Stock Management System 1.0. Vulnerable component: /Ingredients-Stock/add_stock.php. Root cause: manipulation of the argument ID enables an SQL injection. Impact: data confidentiality/integrity/availability may be affected; attack vector is network with low c...

6.5CVSS6.6AI score

Exploits0References6

Vulnrichment•added 7 hours ago•3 views

CVE-2026-11495 CodeAstro Ingredients Stock Management System add_stock.php sql injection

6.5CVSS5.5AI score

Exploits0References6

Cvelist•added 7 hours ago•8 views

CVE-2026-11495 CodeAstro Ingredients Stock Management System add_stock.php sql injection

6.5CVSS

Exploits0References6

EUVD•added 7 hours ago•5 views

EUVD-2026-35026

6.5CVSS6.5AI score

Exploits0References6

ATTACKERKB•added 7 hours ago•7 views

CVE-2026-11495

6.5CVSS6.5AI score

Exploits0References6Affected Software1

Positive Technologies•added 14 hours ago•5 views

PT-2026-47257

A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/add stock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...

6.5CVSS5.5AI score

Exploits0References7

EUVD•added 3 days ago•9 views

EUVD-2026-33408

Shopper: Missing authorization on Product admin Livewire sub-form components...

6.5CVSS5.4AI score0.00029EPSS

Exploits0References3

OSV•added 3 days ago•3 views

GHSA-H4MP-G9C6-XWPH Shopper: Missing authorization on Product admin Livewire sub-form components

Impact Sub-form Livewire components used in the product editor Edit, Inventory, Seo, Shipping, Files had no authorization on their store method. Any authenticated panel user, regardless of role, could mutate any product's pricing, stock, SEO metadata, shipping dimensions, and attached media witho...

6.5CVSS5.6AI score0.00029EPSS

Exploits0References4

Github Security Blog•added 3 days ago•13 views

Shopper: Missing authorization on Product admin Livewire sub-form components

6.5CVSS5.6AI score0.00029EPSS

Exploits0References4Affected Software1

RedhatCVE•added 3 days ago•6 views

CVE-2026-10235

A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stockmanager.php. This manipulation of the argument txtsearchcategory causes sql injection. The attack may be initiated remotely. The exploit has been...

6.5CVSS6.5AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 3 days ago•4 views

CVE-2026-42207

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, MageProductAlertAddController::stockAction reads the uenc query parameter and passes...

6.1CVSS5.4AI score0.00029EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-39380

Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Prior to 3.4.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Stock Locations configuration feature. The application fails to properly sanitize user input supplied throug...

5.4CVSS5.6AI score0.00035EPSS

Exploits1References1

The Hacker News•added 4 days ago•12 views

Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months

Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through Dropbox and OneDrive so the traffic blended into normal cloud activity. Symantec and Carbon Black...

5.8AI score

Exploits0

RedhatCVE•added last week•9 views

CVE-2026-47742

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor Edit, Inventory, Seo, Shipping, Files had no authorization on their store method. Any authenticated panel user, regardless of role, could mutate any product's pricing, stock, SEO...

6.5CVSS5.9AI score0.00029EPSS

Exploits0References1

NVD•added 2026/06/01 8:16 a.m.•9 views

CVE-2026-10235

6.5CVSS0.00037EPSS

Exploits0References6

ATTACKERKB•added 2026/06/01 7:15 a.m.•7 views

CVE-2026-10235

6.5CVSS6.5AI score0.00037EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/06/01 7:15 a.m.•38 views

CVE-2026-10235 CodeAstro Ingredients Stock Management System stock_manager.php sql injection

6.5CVSS0.00037EPSS

Exploits0References6

CVE•added 2026/06/01 7:15 a.m.•12 views

CVE-2026-10235

CodeAstro Ingredients Stock Management System 1.0 contains an SQL injection in stock_manager.php via the txt_search_category parameter. The vulnerability affects unknown code in /Ingredients-Stock/stock_manager.php and can be exploited remotely; exploit has been published. No remediation details ...

6.5CVSS6.5AI score0.00037EPSS

Exploits0References6

Vulnrichment•added 2026/06/01 7:15 a.m.•5 views

CVE-2026-10235 CodeAstro Ingredients Stock Management System stock_manager.php sql injection

6.5CVSS5.7AI score0.00037EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by