Lucene search
K

1351 matches found

NVD
NVD
added 2026/05/03 2:16 p.m.25 views

CVE-2026-7697

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS0.00206EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/03 1:15 p.m.8 views

EUVD-2026-26835

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 1:15 p.m.7 views

CVE-2026-7697

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/03 1:15 p.m.4 views

CVE-2026-7697 AMTT Hotel Broadband Operation System cardhand_submit.php sql injection

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhandsubmit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4
CVE
CVE
added 2026/05/03 1:15 p.m.9 views

CVE-2026-7697

CVE-2026-7697 affects AMTT Hotel Broadband Operation System 1.0. Affected component: /manager/card/cardhand_submit.php where an argument ID enables a SQL injection. Reported remote exploitation with a publicly disclosed exploit; vendor did not respond. CVSS metrics indicate NETWORK access, LOW im...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 4:25 a.m.7 views

CVE-2026-5063

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submitnexform function in versions up to, and including, 9.1.11 due to insufficient input sanitization and output escaping. This makes it...

7.2CVSS6AI score0.00243EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.9 views

PT-2026-36700

A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand submit.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.9 views

AMTT Hotel Broadband Operation System 注入漏洞

AMTT Hotel Broadband Operation System is a hotel broadband operation system developed by AMTT Corporation. Version 1.0 of the AMTT Hotel Broadband Operation System contains a injection vulnerability. This vulnerability arises from the operation of unknown functions on parameters ID in the file...

5.8CVSS5.8AI score0.00206EPSS
Exploits0References2
CVE
CVE
added 2026/05/02 4:27 a.m.23 views

CVE-2025-14726

The CVE concerns the Widgets for Social Photo Feed plugin for WordPress. All versions up to 1.8 expose two REST API endpoints—/trustindex_feed_hook_instagram/troubleshooting and /trustindex_feed_hook_instagram/submit-data—without a required capability check, enabling unauthenticated access and mo...

6.5CVSS5.8AI score0.0083EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.7 views

PT-2026-36564

Name of the Vulnerable Software and Affected Versions Widgets for Social Photo Feed versions prior to 1.9 Description Missing capability checks on the '/trustindex feed hook instagram/troubleshooting' and '/trustindex feed hook instagram/submit-data' REST API endpoints allow unauthenticated...

6.5CVSS5.5AI score0.0083EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-31757

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprob...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/01 2:14 p.m.5 views

CVE-2026-31757

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
CVE
CVE
added 2026/05/01 2:14 p.m.9 views

CVE-2026-31757

CVE-2026-31757 affects the Linux kernel USB subsystem (usbio). The issue is a memory leak where, if usb_submit_urb() fails during device probing (usbio_probe()), the previously allocated URB is not freed. The fix directs control flow to an error path (err_free_urb) to properly release the URB and...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.29 views

CVE-2026-31757 usb: misc: usbio: Fix URB memory leak on submit failure

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 2:14 p.m.8 views

EUVD-2026-26570

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/04/30 6:16 p.m.6 views

CVE-2026-36763

A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...

6.1CVSS0.00187EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.9 views

CVE-2026-36763

A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...

6.1CVSS5.3AI score0.00187EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.3 views

CVE-2026-36763

A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...

5.3AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/30 12:0 a.m.5 views

EUVD-2026-26398

A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...

6.1CVSS5.3AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.8 views

PT-2026-36152

A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...

6.1CVSS5.3AI score0.00187EPSS
Exploits0References4
Rows per page
Query Builder