Lucene search
K

2396 matches found

Vulnrichment
Vulnrichment
added 2026/04/20 12:0 a.m.5 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

5.8AI score0.00325EPSS
Exploits0References3
CVE
CVE
added 2026/04/20 12:0 a.m.22 views

CVE-2026-39109

CVE-2026-39109 : SQL injection in the Apartment Visitors Management System V1.1, specifically in the username parameter of login (index.php). This unauthenticated vulnerability allows an attacker to manipulate backend SQL queries during authentication and retrieve sensitive database contents. Con...

9.4CVSS5.8AI score0.00325EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/17 3:31 p.m.7 views

EUVD-2026-23440

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

9.8CVSS5.9AI score0.00677EPSS
Exploits1References3
NVD
NVD
added 2026/04/17 3:16 p.m.11 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

9.8CVSS0.00677EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/17 12:0 a.m.4 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

5.9AI score0.00677EPSS
Exploits1References2
CVE
CVE
added 2026/04/17 12:0 a.m.25 views

CVE-2026-37749

CodeAstro Simple Attendance Management System v1.0 is affected by a SQL injection in index.php via the username parameter, enabling remote unauthenticated attackers to bypass login and gain admin access. Root cause: direct interpolation of user input into the SQL query without proper escaping or ...

9.8CVSS5.9AI score0.00677EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.11 views

CodeAstro Simple Attendance Management System 安全漏洞

CodeAstro Simple Attendance Management System is a simple attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Simple Attendance Management System has a security vulnerability. This vulnerability stems from the SQL injection vulnerability in the username parameter...

9.8CVSS5.9AI score0.00677EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/17 12:0 a.m.31 views

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php...

0.00677EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.8 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/13 6:30 p.m.4 views

EUVD-2026-22016

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References6
NVD
NVD
added 2026/04/13 5:16 p.m.7 views

CVE-2026-6189

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS0.00268EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 4:0 p.m.2 views

CVE-2026-6189 SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.6 views

SourceCodester Pharmacy Sales and Inventory System SQL注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from incorrect...

7.5CVSS7.2AI score0.00268EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/10 3:31 p.m.6 views

EUVD-2026-21386

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 3:16 p.m.8 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

9.8CVSS0.00319EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/10 12:0 a.m.6 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 12:0 a.m.34 views

CVE-2026-29861

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.14 views

PT-2026-31927

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

5.9AI score0.00319EPSS
Exploits0References2
CVE
CVE
added 2026/04/10 12:0 a.m.13 views

CVE-2026-29861

CVE-2026-29861 affects PHP-MYSQL-User-Login-System v1.0, with a SQL injection vulnerability in login.php via the username parameter. The root cause is unsafely constructed SQL queries that incorporate unvalidated user input, leading to potential unauthorized disclosure/integrity impact and possib...

9.8CVSS5.9AI score0.00319EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

PHP MySQL User Signup Login System 安全漏洞

PHP MySQL User Signup Login System is a MySQL registration and login system developed by Keerti Vishwkarma. Version 1.0 of the PHP MySQL User Signup Login System has a security vulnerability. This vulnerability stems from a flaw in the username parameter used in the login.php file, which may lead...

9.8CVSS5.8AI score0.00319EPSS
Exploits0References2
Rows per page
Query Builder