CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added yesterday•2 views

CVE-2026-36227

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS5.9AI score0.00244EPSS

Exploits1References1

RedhatCVE•added yesterday•3 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS7AI score0.00033EPSS

RedhatCVE•added yesterday•3 views

CVE-2026-10262

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

RedhatCVE•added yesterday•3 views

CVE-2026-8132

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS7AI score0.00039EPSS

RedhatCVE•added yesterday•1 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS7.9AI score0.0057EPSS

EUVD•added yesterday•4 views

EUVD-2026-34856

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manageuser. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.8AI score

Cvelist•added 2 days ago•20 views

CVE-2026-10877 SourceCodester Ship Ferry Ticket Reservation System Admin Login login.php sql injection

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack can be executed...

ATTACKERKB•added 3 days ago•5 views

CVE-2026-10704

Exploits0References6Affected Software1

CVE•added 5 days ago•9 views

CVE-2026-10296

CVE-2026-10296 affects itsourcecode Fees Management System 1.0. The vulnerability concerns the /ajax.php file, where manipulation of the Username argument can lead to SQL injection. The attack can be performed remotely, and a publicly disclosed exploit exists. No remediation or patch details are ...

6.5CVSS5.6AI score0.00033EPSS

Vulnrichment•added 5 days ago•4 views

CVE-2026-10296 itsourcecode Fees Management System ajax.php sql injection

6.5CVSS6.4AI score0.00033EPSS

Cvelist•added 5 days ago•23 views

CVE-2026-10262 code-projects Real State Services Login loginuser.php sql injection

ATTACKERKB•added 5 days ago•5 views

CVE-2026-10262

7.5CVSS6.8AI score0.00033EPSS

Exploits0References6Affected Software1

NVD•added 5 days ago•9 views

CVE-2026-10251

A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been...

Vulnrichment•added 5 days ago•6 views

CVE-2026-10251 itsourcecode Online House Rental System ajax.php login sql injection

NVD•added 5 days ago•9 views

CVE-2026-10225

A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...

ATTACKERKB•added 5 days ago•6 views

CVE-2026-10225

Cvelist•added 5 days ago•34 views

CVE-2026-10208 code-projects Online Hospital Management System login_1.php login_user sql injection

A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function loginuser of the file login1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...