CVE-2026-27788

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

CVE-2026-27788

CVE-2026-27788 affects ServerView Agents for Windows, versions up to 11.60.04. The issue is an incorrect permission assignment on a critical resource. If exploited by a local authenticated attacker who can log in to the server, SYSTEM privileges may be obtained. Documented impact is high (local, ...

EUVD-2026-33571

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

CVE-2026-27788

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

CVE-2026-27788

Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

CVE-2026-10235

A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stockmanager.php. This manipulation of the argument txtsearchcategory causes sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2026-10235

CodeAstro Ingredients Stock Management System 1.0 contains an SQL injection in stock_manager.php via the txt_search_category parameter. The vulnerability affects unknown code in /Ingredients-Stock/stock_manager.php and can be exploited remotely; exploit has been published. No remediation details ...

CVE-2026-10225

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

PuneethReddyHC Online Shopping System homeaction.php SQL Injection

An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php catid parameter. Using a post request does not sanitize the user input. id: CVE-2021-41649 info: name: PuneethReddyHC Online Shopping System homeaction.php SQL Injection...

Car Rental Management System 1.0 - Local File Inclusion

Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution. id: CVE-2020-29227 info: name: Car Rental Management System 1.0 - Local File Inclusion author:...

Mongo-Express - Remote Code Execution

Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server. id: CVE-2020-24391 info: nam...

Jiangnan Online Judge 0.8.0 - Local File Inclusion

Jiangnan Online Judge aka jnoj 0.8.0 is susceptible to local file inclusion via web/polygon/problem/viewfile?id=1&name=../. id: CVE-2019-17538 info: name: Jiangnan Online Judge 0.8.0 - Local File Inclusion author: pussycat0x severity: high description: | Jiangnan Online Judge aka jnoj 0.8.0 is...

Atlassian Bitbucket - Remote Command Injection

Atlassian Bitbucket Server and Data Center is susceptible to remote command injection. Multiple API endpoints can allow an attacker with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request, thus making it possible to obtain...

EUVD-2026-33561

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

CVE-2026-10228

Technical details (affected software, components, vulnerable versions, and mitigations) are not publicly available in the provided documents. Monitor for updates and additional disclosures.

CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

CVE-2026-10227 raisulislamg4 student_management_system_by_php User Creation add_user_check.php sql injection

A vulnerability has been found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file addusercheck.php of the component User Creation Handler. The manipulation of the argument role leads to sql injectio...

CVE-2026-10227

CVE-2026-10227 affects the project “raisulislamg4 student_management_system_by_php” (unknown version range) via an SQL injection in an argument within add_user_check.php of the User Creation Handler. According to the description, manipulating the role parameter enables remote exploitation, and th...

CVE-2026-10226

CVE-2026-10226 affects the project raisulislamg4 student_management_system_by_php (file delete.php). The issue is a SQL injection that can be triggered by manipulating arguments such as user_id, course_id, teacher_id, student_id, or application_id. The vulnerability is exploitable remotely and ex...