CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added yesterday•4 views

CVE-2026-6592

A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/usermanager.py of the component userdata Endpoint. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclose...

5.1CVSS3.6AI score0.00011EPSS

RedhatCVE•added yesterday•3 views

CVE-2026-22014

Vulnerability in the Oracle User Management product of Oracle E-Business Suite component: Workflow and Business Events. Supported versions that are affected are 12.2.7-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User...

3.8CVSS7.3AI score0.00031EPSS

RedhatCVE•added yesterday•4 views

CVE-2026-10236

A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be launched remotely...

RedhatCVE•added yesterday•3 views

CVE-2026-44224

Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...

8.8CVSS5.5AI score0.00049EPSS

Exploits1References1

Positive Technologies•added yesterday•7 views

PT-2026-46977

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.6AI score

Exploits0References7

NVD•added 5 days ago•7 views

CVE-2026-10237

A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the atta...

5.8CVSS0.00032EPSS

Vulnrichment•added 5 days ago•6 views

CVE-2026-10237 SourceCodester Water Billing Management System User Management manage_user sql injection

5.8CVSS5.5AI score0.00032EPSS

ATTACKERKB•added 5 days ago•7 views

CVE-2026-10237

Exploits0References6Affected Software1

EUVD•added 5 days ago•9 views

EUVD-2026-33582

CVE•added 5 days ago•11 views

CVE-2026-10237

CVE-2026-10237 affects SourceCodester Water Billing Management System 1.0. The vulnerability is an SQL injection in the User Management Module, exploitable by manipulating the ID argument in the /admin/?page=user/manage_user endpoint. The issue is remote and can be exploited with the exploit publ...

ATTACKERKB•added 5 days ago•7 views

CVE-2026-10236

Exploits0References6Affected Software1

EUVD•added 5 days ago•7 views

EUVD-2026-33579

Vulnrichment•added 5 days ago•5 views

CVE-2026-10236 SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization

Cvelist•added 5 days ago•33 views

CVE-2026-10236 SourceCodester Water Billing Management System User Management Endpoint Users.php save improper authorization

7.5CVSS0.00045EPSS

CVE•added 5 days ago•9 views

CVE-2026-10236

Technical details about CVE-2026-10236 are not publicly available in the provided documents. Monitor for updates from authoritative sources for affected components, vulnerable files, and remediation steps.

CNNVD•added 5 days ago•4 views

SourceCodester Water Billing Management System Authorization Vulnerability

The SourceCodester Water Billing Management System is an open-source water billing management system developed by SourceCodester. Version 1.0 of the SourceCodester Water Billing Management System has a vulnerability related to authorization issues. This vulnerability stems from a problem with the...

7.5CVSS7.1AI score0.00045EPSS

Positive Technologies•added 5 days ago•8 views

PT-2026-45346

CNNVD•added 5 days ago•5 views

Exploits0References7

SourceCodester Water Billing Management System SQL Injection Vulnerability

The SourceCodester Water Billing Management System is an open-source water billing management system developed by SourceCodester. Version 1.0 of the SourceCodester Water Billing Management System contains a SQL injection vulnerability. This vulnerability stems from incorrect parameter handling in...

5.8CVSS5.8AI score0.00032EPSS

Positive Technologies•added 5 days ago•10 views

PT-2026-45347

A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the...