CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

RedhatCVE•added 2026/03/26 3:15 p.m.•1 views

CVE-2026-4778

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...

6.5CVSS6.4AI score0.00012EPSS

Exploits1References1

EUVD•added 2026/03/25 12:31 a.m.•0 views

EUVD-2026-15027

6.5CVSS5.6AI score0.00012EPSS

Exploits1References6

NVD•added 2026/03/24 11:17 p.m.•0 views

CVE-2026-4778

6.5CVSS0.00012EPSS

Exploits1References5

CVE•added 2026/03/24 10:22 p.m.•4 views

CVE-2026-4778

SourceCodester Sales and Inventory System 1.0 contains a SQL injection in update_category.php via manipulation of the HTTP GET parameter sid. This affects the code path handling the sid in update_category.php, enabling remote exploitation. The vulnerability is exploitable remotely with public PoC...

6.5CVSS6.4AI score0.00012EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2026/03/24 10:22 p.m.•2 views

CVE-2026-4778 SourceCodester Sales and Inventory System HTTP GET Parameter update_category.php sql injection

6.5CVSS6.4AI score0.00012EPSS

Exploits1References5

Positive Technologies•added 2026/03/24 12:0 a.m.•1 views

PT-2026-27521

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file update category.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...

6.5CVSS6.4AI score0.00012EPSS

Exploits1References7

CNNVD•added 2026/03/24 12:0 a.m.•2 views

SourceCodester Sales and Inventory System SQL注入漏洞

The SourceCodester Sales and Inventory System is an open-source sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the paramete...

6.5CVSS6.7AI score0.00012EPSS

Exploits1References5

RedhatCVE•added 2026/02/09 7:14 a.m.•4 views

CVE-2026-2132

A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...

9.8CVSS5.5AI score0.00037EPSS

Exploits1References1

NVD•added 2026/02/08 4:15 a.m.•5 views

CVE-2026-2133

A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...

9.8CVSS0.0002EPSS

Exploits1References5

OSV•added 2026/02/08 4:15 a.m.•0 views

CVE-2026-2133

9.8CVSS5.5AI score0.0002EPSS

Exploits1References5

OSV•added 2026/02/08 4:15 a.m.•0 views

CVE-2026-2132

9.8CVSS5.8AI score

Exploits0References5

NVD•added 2026/02/08 4:15 a.m.•5 views

CVE-2026-2132

9.8CVSS0.00037EPSS

Exploits1References5

Cvelist•added 2026/02/08 3:32 a.m.•27 views

CVE-2026-2133 code-projects Online Music Site AdminUpdateCategory.php unrestricted upload

7.5CVSS0.0002EPSS

Exploits1References5

CVE•added 2026/02/08 3:32 a.m.•8 views

CVE-2026-2133

CVE-2026-2133 affects code-projects Online Music Site 1.0. The vulnerability exists in an unknown function of /Administrator/PHP/AdminUpdateCategory.php, where manipulating the txtimage argument enables unrestricted file uploads. It is exploitable remotely, and public exploit details have been re...

9.8CVSS7.1AI score0.0002EPSS

Exploits1References5Affected Software1

ATTACKERKB•added 2026/02/08 3:32 a.m.•2 views

CVE-2026-2133

7.5CVSS7.1AI score0.0002EPSS

Exploits1References5Affected Software1

CVE•added 2026/02/08 3:2 a.m.•9 views

CVE-2026-2132

code-projects Online Music Site 1.0 contains a SQL injection in AdminUpdateCategory.php (txtcat) that can be triggered remotely. Multiple sources (NVD/Red Hat/CVE list) confirm the vulnerability path involves the /Administrator/PHP/AdminUpdateCategory.php file and an injectable txtcat parameter. ...

9.8CVSS7.2AI score0.00037EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/02/08 3:2 a.m.•23 views

CVE-2026-2132 code-projects Online Music Site AdminUpdateCategory.php sql injection

7.5CVSS0.00037EPSS

Exploits1References5

EUVD•added 2026/02/08 3:2 a.m.•4 views

EUVD-2026-5816

9.8CVSS7.1AI score0.00037EPSS

Exploits1References5

Positive Technologies•added 2026/02/08 12:0 a.m.•9 views

PT-2026-6957

Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A flaw exists in code-projects Online Music Site that allows for unrestricted file uploads. This is due to manipulation of the txtimage argument within an unknown function of the file...

9.8CVSS6.9AI score0.0002EPSS

Exploits1References10

NVD•added 2025/08/15 12:15 p.m.•3 views

CVE-2025-9051

A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

9.8CVSS0.00107EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by