CVE-2026-3413

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

CVE-2026-3413

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

EUVD-2026-8470

A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...

CyreneAdmin 授权问题漏洞

CyreneAdmin is a backend management system developed by CoCoTea’s individual developers. Versions of CyreneAdmin prior to 1.3.0 had vulnerabilities related to authorization. These vulnerabilities stemmed from improper handling of unknown code in files/api/system/dashboard/getCount, which could le...

CVE-2026-2184

A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be...

CVE-2026-2184

CVE-2026-2184 affects the Great Developers Certificate Generation System. The vulnerability is located in unknown code within the "/restructured/csv.php" file, where the manipulation of the photo argument leads to an OS command injection. It can be exploited remotely, and multiple sources corrobo...

CVE-2026-2163

A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command injection. The attack may be launched remotely. The exploit is publicly availabl...

PT-2026-7018

Name of the Vulnerable Software and Affected Versions Great Developers Certificate Generation System versions prior to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73 Description A flaw exists in Great Developers Certificate Generation System that allows for operating system command injection. The issue...

CVE-2026-1700

A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made...

EUVD-2026-5012

A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2026-1552 SEMCMS SEMCMS_Info.php sql injection

A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMSInfo.php. The manipulation of the argument searchml leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be...

PT-2026-4823

A vulnerability was found in iJason-Liu Books Manager up to 298ba736387ca37810466349af13a0fdf828e99c. This vulnerability affects unknown code of the file controllers/books center/upload bookCover.php. Performing a manipulation of the argument book cover results in unrestricted upload. The attack...

CVE-2026-1169

A security vulnerability has been detected in birkir prime up to 0.4.0.beta.0. This vulnerability affects unknown code. Such manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The project was informed of...

CVE-2026-1169

CVE-2026-1169 concerns birkir prime up to 0.4.0.beta.0 with a cross-site request forgery affecting unknown code. The issue enables a remotely launchable CSRF attack; the exploit has been disclosed publicly and may be used. The project was informed via issue reports early but has not responded. Pu...

CVE-2026-1148

A vulnerability was determined in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This vulnerability affects unknown code. Executing a manipulation can lead to cross-site request forgery. It is possible to launch the attack remotely...

PT-2026-3431

A vulnerability was determined in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This vulnerability affects unknown code. Executing a manipulation can lead to cross-site request forgery. It is possible to launch the attack remotely...

Prime security vulnerabilities

Prime is a content management system developed by Birkir Gudjonsson. Versions of Prime prior to 0.4.0.beta.0 contained security vulnerabilities, which were caused by incorrect handling of unknown code. These vulnerabilities could lead to cross-site request forgery attacks...

CVE-2026-1105

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

CVE-2026-1105 EasyCMS UserAction.class.php sql injection

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument order leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was...

CVE-2023-7331

A vulnerability was detected in PKrystian Full-Stack-Bank up to bf73a0179e3ff07c0d7dc35297cea0be0e5b1317. This vulnerability affects unknown code of the component User Handler. Performing manipulation results in sql injection. It is possible to initiate the attack remotely. This product is using ...