CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

233630 matches found

Chromium: CVE-2026-9950 Insufficient validation of untrusted input in iOS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

3.1CVSS5.8AI score0.00036EPSS

Exploits0

CVE•added last week•10 views

CVE-2026-10186

Code-projects Online Hospital Management System 1.0 contains an SQL injection vulnerability in the /patient.php endpoint, triggered by manipulating the editid parameter. The flaw allows remote exploitation and has publicly disclosed exploit details. Multiple CVSS metrics across versions (e.g., CV...

7.5CVSS6.9AI score0.00044EPSS

Exploits0References6

EUVD•added last week•7 views

EUVD-2026-33508

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...

7.5CVSS6.9AI score0.00044EPSS

Exploits0References6

EUVD•added last week•7 views

EUVD-2026-33507

A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

7.5CVSS6.9AI score0.00044EPSS

Exploits0References6

ATTACKERKB•added last week•6 views

CVE-2026-10184

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.9AI score0.00044EPSS

Exploits0References6Affected Software1

Vulnrichment•added last week•5 views

CVE-2026-10184 SourceCodester Hospitals Patient Records Management System Users.php delete sql injection

7.5CVSS5.7AI score0.00044EPSS

Exploits0References6

NVD•added last week•9 views

CVE-2026-10180

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

6.5CVSS0.01433EPSS

Exploits0References5

NVD•added 2026/05/31 8:16 a.m.•7 views

CVE-2026-10172

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS0.0004EPSS

Exploits0References5

NVD•added 2026/05/31 7:16 a.m.•12 views

CVE-2026-10170

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may be...

6.5CVSS0.00031EPSS

Exploits0References5

Cvelist•added 2026/05/31 6:45 a.m.•30 views

CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

6.5CVSS0.0004EPSS

Exploits0References5

Vulnrichment•added 2026/05/31 6:45 a.m.•6 views

CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

6.5CVSS5.5AI score0.0004EPSS

Exploits0References5

CVE•added 2026/05/31 6:45 a.m.•9 views

CVE-2026-10172

The CVE-2026-10172 entry concerns Bdtask Multi-Store Inventory Management System 1.0. The vulnerability lies in the Upload function of the file application/modules/dashboard/controllers/Module.php within the Module component, where manipulating the module argument yields unrestricted file upload....

6.5CVSS6.3AI score0.0004EPSS

Exploits0References5

ATTACKERKB•added 2026/05/31 6:45 a.m.•7 views

CVE-2026-10172

6.5CVSS5.5AI score0.0004EPSS

Exploits0References5Affected Software1

NVD•added 2026/05/31 5:16 a.m.•8 views

CVE-2026-10169

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS0.00037EPSS

Exploits0References4

NVD•added 2026/05/31 5:16 a.m.•10 views

CVE-2026-10167

A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function signauthcookie of the file application/controllers/Login.php of the component MYController. Executing a manipulation of the argumen...

7.5CVSS0.00073EPSS

Exploits0References4

CVE•added 2026/05/31 5:15 a.m.•13 views

CVE-2026-10170

The CVE-2026-10170 entry affects code-projects Visitor Management System 1.0. A SQL injection vulnerability is present in /vms/php/phone_0.php via the phone parameter. The issue is remotely triggerable and an exploit has been published, indicating potential real-world use. The bundled metrics ind...

6.5CVSS5.7AI score0.00031EPSS

Exploits0References5

Vulnrichment•added 2026/05/31 5:15 a.m.•4 views

CVE-2026-10170 code-projects Visitor Management System phone_0.php sql injection

6.5CVSS6.5AI score0.00031EPSS

Exploits0References5

EUVD•added 2026/05/31 5:15 a.m.•8 views

EUVD-2026-33490

6.5CVSS6.5AI score0.00031EPSS

Exploits0References5

ATTACKERKB•added 2026/05/31 5:15 a.m.•7 views

CVE-2026-10170