CVE-2026-37637

An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php component...

CVE-2026-13537

The CVE-2026-13537 entry concerns CodeAstro Human Resource Management System (version 1.0). The vulnerability is described as a cross-site request forgery affecting an unspecified function, with a remote attack possibility and public exploit. No explicit root cause details or affected subcomponen...

CVE-2026-13530 itsourcecode Hospital Management System Appointment appointmentdetail.php sql injection

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotel...

CVE-2026-12100

CVE-2026-12100 affects the WordPress URL Preview plugin. It is vulnerable to unauthenticated Server-Side Request Forgery via the url parameter in all versions up to and including 1.0. An unauthenticated attacker can cause the web application to issue requests to arbitrary locations from the web a...

CVE-2026-12050

CVE-2026-12050 concerns pgAdmin 4. An authenticated user with a connected PostgreSQL session can exploit a SQL injection in the named restore point endpoint (POST /browser/server/restore_point/{gid}/{sid}) because the user-supplied value is interpolated into SQL via string formatting instead of a...

CVE-2025-69176

Technical details about CVE-2025-69176 are not provided in the supplied documents. Monitor for updates; the initial entry notes unauthenticated Local File Inclusion in ITactics

Linux Distros Unpatched Vulnerability : CVE-2026-39044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - gst-plugins-good1.0 - None Ubuntu Linux - Unknown description CVE-2026-39044 Note that Nessus relies on the presence of the package as reported b...

PT-2026-49296

Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action ims on with apn function through the ims apn parameter. Recommendations At the moment, there is no information about a newer version that...

EUVD-2026-36604

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...

CVE-2026-11513

A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2026-11513 itsourcecode Hospital Management System adminaccount.php sql injection

A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2026-11508

A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/searchstafftoassignpc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...

CVE-2026-11495 CodeAstro Ingredients Stock Management System add_stock.php sql injection

A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/addstock.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be...

CVE-2026-11471 SourceCodester Class and Exam Timetabling System index2.php sql injection

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

CodeAstro Payroll System 注入漏洞

The CodeAstro Payroll System is a payroll system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Payroll System has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter ID in the/viewaccount.php file, which may lead to SQL injection...

CodeAstro Leave Management System 注入漏洞

The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability. This vulnerability stems from the handling of the parameter “Name” in the file/admin/searchstafffordeletion.php,...

📄 Computer Laboratory Management System 1.0 Cross Site Scripting

Computer Laboratory Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Stored Cross-Site Scripting XSS in Computer Laboratory Management System v1.0 Summary A Stored Cross-Site Scripting XSS vulnerability exists in Computer Laboratory Management System v1....

SourceCodester Hospitals Patient Records Management System 跨站脚本漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a cross-site scripting vulnerability. This vulnerability stems...

CodeAstro Student Attendance Management System 注入漏洞

CodeAstro Student Attendance Management System is a student attendance management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Student Attendance Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter className in...

SourceCodester Barangay Resident Profiling and Information Management System 信任管理问题漏洞

The SourceCodester Barangay Resident Profiling and Information Management System is an open-source system developed by SourceCodester for managing profiles and information of Barangay residents. Version 1.0 of the SourceCodester Barangay Resident Profiling and Information Management System contai...