CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:49 p.m.•7 views

CVE-2026-5840

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.4AI score0.00202EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:48 p.m.•9 views

CVE-2026-10296

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

6.5CVSS6.4AI score0.00319EPSS

Exploits0References1

Positive Technologies•added 2026/06/04 12:0 a.m.•10 views

PT-2026-46837

Name of the Vulnerable Software and Affected Versions SourceCodester Ship Ferry Ticket Reservation System versions prior to 1.1 Description An issue exists in the Admin Login component within the '/admin/login.php' endpoint. Remote manipulation of the Username argument allows for SQL injection, a...

7.5CVSS7.1AI score0.00328EPSS

Exploits0References10

ATTACKERKB•added 2026/06/01 10:0 p.m.•5 views

CVE-2026-10296

6.5CVSS5.6AI score0.00319EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/01 4:45 a.m.•12 views

EUVD-2026-33558

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

7.5CVSS5.6AI score0.00263EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•13 views

PT-2026-45269

A vulnerability was detected in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login check.php of the component Login. Performing a manipulation of the argument Username results in sql injection...

7.5CVSS6.9AI score0.00263EPSS

Exploits0References7

ATTACKERKB•added 2026/05/08 3:15 a.m.•5 views

CVE-2026-8132

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS6.9AI score0.00254EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2026/05/04 8:21 p.m.•4 views

CVE-2026-7631

A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has be...

NVD•added 2026/05/02 2:16 p.m.•2 views

Exploits0References1

CVE-2026-7631

5.5CVSS0.00225EPSS

EUVD•added 2026/05/02 1:30 p.m.•1 views

EUVD-2026-26793

Vulnrichment•added 2026/05/02 1:30 p.m.•4 views

CVE-2026-7631 code-projects Online Hospital Management System Registration improper authorization

CVE•added 2026/05/02 1:30 p.m.•9 views

CVE-2026-7631

The CVE affects code-projects Online Hospital Management System 1.0, specifically the Registration Handler’s unknown function. The vulnerability arises from manipulation of the Username parameter, resulting in improper authorization. It can be exploited remotely, with public exploit availability....

Cvelist•added 2026/05/02 1:30 p.m.•29 views

CVE-2026-7631 code-projects Online Hospital Management System Registration improper authorization

5.5CVSS0.00225EPSS

Positive Technologies•added 2026/05/02 12:0 a.m.•6 views

PT-2026-36621

ATTACKERKB•added 2026/04/27 12:45 a.m.•2 views

CVE-2026-7072

A vulnerability was detected in CodePanda Source canteenmanagementsystem 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may...

7.5CVSS7.3AI score0.00254EPSS

Exploits0References4Affected Software1

CVE•added 2026/04/27 12:15 a.m.•8 views

CVE-2026-7070

CVE-2026-7070 affects code-projects Inventory Management System 1.0. The vulnerability is in an unknown function of the Login component, where manipulating the Username parameter can lead to a SQL injection. The attack can be launched remotely, and public exploits exist. Metrics from multiple sou...

7.5CVSS7.3AI score0.00254EPSS

Positive Technologies•added 2026/04/13 12:0 a.m.•3 views

PT-2026-32400

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00268EPSS

NVD•added 2026/04/09 5:16 a.m.•2 views

CVE-2026-5840

5.8CVSS0.00202EPSS