CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:49 p.m.•7 views

CVE-2026-5840

A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/checkavailability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.4AI score0.00039EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:48 p.m.•7 views

CVE-2026-10296

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicl...

6.5CVSS6.4AI score0.00037EPSS

Exploits0References1

Positive Technologies•added 2026/06/04 12:0 a.m.•7 views

PT-2026-46837

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed...

7.5CVSS6.8AI score0.00044EPSS

Exploits0References7

ATTACKERKB•added 2026/06/01 10:0 p.m.•5 views

CVE-2026-10296

6.5CVSS5.6AI score0.00037EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/01 4:45 a.m.•10 views

EUVD-2026-33558

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

7.5CVSS5.6AI score0.00044EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45269

A vulnerability was detected in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login check.php of the component Login. Performing a manipulation of the argument Username results in sql injection...

7.5CVSS6.9AI score0.00044EPSS

Exploits0References7

ATTACKERKB•added 2026/05/08 3:15 a.m.•4 views

CVE-2026-8132

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS6.9AI score0.00043EPSS

Exploits0References5Affected Software1

RedhatCVE•added 2026/05/04 8:21 p.m.•4 views

CVE-2026-7631

A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has be...

NVD•added 2026/05/02 2:16 p.m.•2 views

Exploits0References1

CVE-2026-7631

5.5CVSS0.00047EPSS

EUVD•added 2026/05/02 1:30 p.m.•1 views

EUVD-2026-26793

CVE•added 2026/05/02 1:30 p.m.•5 views

CVE-2026-7631

The CVE affects code-projects Online Hospital Management System 1.0, specifically the Registration Handler’s unknown function. The vulnerability arises from manipulation of the Username parameter, resulting in improper authorization. It can be exploited remotely, with public exploit availability....

Cvelist•added 2026/05/02 1:30 p.m.•28 views

CVE-2026-7631 code-projects Online Hospital Management System Registration improper authorization

5.5CVSS0.00047EPSS

Vulnrichment•added 2026/05/02 1:30 p.m.•4 views

CVE-2026-7631 code-projects Online Hospital Management System Registration improper authorization

Positive Technologies•added 2026/05/02 12:0 a.m.•2 views

PT-2026-36621

ATTACKERKB•added 2026/04/27 12:45 a.m.•2 views

CVE-2026-7072

A vulnerability was detected in CodePanda Source canteenmanagementsystem 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may...

7.5CVSS7.3AI score0.0004EPSS

Exploits0References4Affected Software1

CVE•added 2026/04/27 12:15 a.m.•7 views

CVE-2026-7070

CVE-2026-7070 affects code-projects Inventory Management System 1.0. The vulnerability is in an unknown function of the Login component, where manipulating the Username parameter can lead to a SQL injection. The attack can be launched remotely, and public exploits exist. Metrics from multiple sou...

7.5CVSS7.3AI score0.00043EPSS

Positive Technologies•added 2026/04/13 12:0 a.m.•2 views

PT-2026-32400

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS5.7AI score0.00043EPSS

NVD•added 2026/04/09 5:16 a.m.•1 views

CVE-2026-5840

5.8CVSS0.00039EPSS