242027 matches found
CVE-2026-11453
A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched...
Important: Red Hat Security Advisory: unbound security update
An update for unbound is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages
A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...
CVE-2026-3238
A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the...
CVE-2026-11495
The CVE affects CodeAstro Ingredients Stock Management System 1.0. Vulnerable component: /Ingredients-Stock/add_stock.php. Root cause: manipulation of the argument ID enables an SQL injection. Impact: data confidentiality/integrity/availability may be affected; attack vector is network with low c...
CVE-2026-11495
A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/addstock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...
EUVD-2026-35026
A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/addstock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...
CVE-2026-11486
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-11484
A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public an...
CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...
EUVD-2026-35019
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...
CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...
CVE-2026-11488
A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...
CVE-2026-11486 SourceCodester Class and Exam Timetabling System archive1.php sql injection
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-11486 SourceCodester Class and Exam Timetabling System archive1.php sql injection
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-11486
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-11486
The CVE-2026-11486 affects SourceCodester Class and Exam Timetabling System 1.0. The vulnerability is in /archive1.php where manipulation of the argument sy leads to SQL injection. It enables remote exploitation, with the exploit publicly available. Documents do not specify affected versions beyo...
EUVD-2026-35017
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /archive1.php. Performing a manipulation of the argument sy results in sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-11485
A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive2.php. Such manipulation of the argument sy leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly...
CVE-2026-11485
The CVE-2026-11485 affects SourceCodester Class and Exam Timetabling System 1.0. A vulnerability in an unknown function of /archive2.php allows manipulation of the argument sy to trigger SQL injection. The attack can be launched remotely, and the exploit has been disclosed publicly. These details...