Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

241956 matches found

ATTACKERKB
ATTACKERKBadded 2026/06/05 6:27 p.m.7 views

CVE-2026-46395

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the hmacBase64 function in the HAXcms Node.js backend contains two critical cryptographic implementation errors that together allow any unauthenticated attacker to extract the system’s private signing ke...

9.3CVSS5.9AI score0.00189EPSS
Exploits1References2Affected Software1
EUVD
EUVDadded 2026/06/05 6:24 p.m.8 views

EUVD-2026-34884

HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enablin...

7.1CVSS5.6AI score0.00238EPSS
Exploits0References1
NVD
NVDadded 2026/06/05 6:17 p.m.9 views

CVE-2026-11344

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

7.5CVSS0.00354EPSS
Exploits0References6
NVD
NVDadded 2026/06/05 6:17 p.m.8 views

CVE-2026-11342

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS0.00412EPSS
Exploits0References6
CVE
CVEadded 2026/06/05 5:49 p.m.21 views

CVE-2026-49492

The CVE-2026-49492 entry concerns Markdown Preview Enhanced (pre-0.8.28) which opens external files/links from the preview via a shell and does not validate untrusted inputs from the markdown document (e.g., diagram filename attribute, imported file paths, latex_engine code-chunk attribute). On W...

8.8CVSS5.7AI score0.00275EPSS
Exploits0References2
Mageia
Mageiaadded 2026/06/05 5:37 p.m.13 views

Updated cockpit packages fix security vulnerabilities

CVE-2026-4631, Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects...

9.8CVSS7AI score0.13889EPSS
Exploits3References27
OSV
OSVadded 2026/06/05 5:37 p.m.16 views

MGASA-2026-0175 Updated cockpit packages fix security vulnerabilities

CVE-2026-4631, Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects...

9.8CVSS6.8AI score0.13889EPSS
Exploits3References28
NVD
NVDadded 2026/06/05 5:17 p.m.11 views

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS0.00378EPSS
Exploits1References3
NVD
NVDadded 2026/06/05 5:16 p.m.11 views

CVE-2026-11338

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS0.0021EPSS
Exploits0References6
NVD
NVDadded 2026/06/05 5:16 p.m.10 views

CVE-2026-11337

A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulnerability is an unknown functionality of the file /dashboardpage/forms/fetch.php. The manipulation of the argument...

5.3CVSS0.00273EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/05 5:15 p.m.27 views

CVE-2026-11344 code-projects Vehicle Management System New Driver Registration Form newdriver.php unrestricted upload

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

7.5CVSS0.00354EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/05 5:15 p.m.7 views

EUVD-2026-34865

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

7.5CVSS6.8AI score0.00354EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/05 5:15 p.m.6 views

CVE-2026-11344

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

7.5CVSS6.8AI score0.00354EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/05 5:15 p.m.5 views

CVE-2026-11344 code-projects Vehicle Management System New Driver Registration Form newdriver.php unrestricted upload

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

7.5CVSS6.8AI score0.00354EPSS
Exploits0References6
CVE
CVEadded 2026/06/05 5:15 p.m.19 views

CVE-2026-11344

CVE-2026-11344 affects the code-projects Vehicle Management System 1.0, specifically the New Driver Registration Form’s file handling in newdriver.php. The vulnerability arises from manipulating the argument photo, leading to an unrestricted upload condition. The flaw is exploitable remotely and ...

7.5CVSS6.8AI score0.00354EPSS
Exploits0References6
CVE
CVEadded 2026/06/05 5:0 p.m.11 views

CVE-2026-11342

Vulnerability : In code-projects Hotel and Tourism Reservation System 1.0, the file /details.php is susceptible to SQL injection via the room parameter. Root cause : unsanitized input in the argument dispatched to an SQL query. Impact : exploitation can be performed remotely; CVSS metrics in sour...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/05 5:0 p.m.28 views

CVE-2026-11342 code-projects Hotel and Tourism Reservation System details.php sql injection

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/05 5:0 p.m.6 views

CVE-2026-11342

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
EUVD
EUVDadded 2026/06/05 5:0 p.m.8 views

EUVD-2026-34864

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/05 5:0 p.m.7 views

CVE-2026-11342 code-projects Hotel and Tourism Reservation System details.php sql injection

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS7AI score0.00412EPSS
Exploits0References6
Rows per page
Query Builder