Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-2057 A vulnerability was detected in SourceCodester Medical Center Portal Management System 1.0. This affects an unknown function of the file /login.php. The manipulation of the argument User results in sq... | 7.3 | HIGH | β | 0 |
| CVE-2026-2089 A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument... | 7.3 | HIGH | β | 0 |
| CVE-2026-28542 Permission bypass vulnerability in the system service framework.Β Impact: Successful exploitation of this vulnerability may affect availability. | 7.3 | HIGH | β | 0 |
| CVE-2026-2011 A vulnerability was found in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /ramonsys/enrollment/controller.php. The manipulation of the argument I... | 7.3 | HIGH | β | 0 |
| CVE-2026-25456 Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.T... | 7.3 | HIGH | β | 0 |
| CVE-2026-3736 A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulatio... | 7.3 | HIGH | β | 0 |
| CVE-2026-2088 A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/accepted-appointment.php. Such manipulation of the argument delid lea... | 7.3 | HIGH | β | 0 |
| CVE-2026-3740 A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_search_student.php. This manipulation of the argument admin_search_s... | 7.3 | HIGH | β | 0 |
| CVE-2026-20748 The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predic... | 7.3 | HIGH | β | 0 |
| CVE-2026-24925 Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability. | 7.3 | HIGH | β | 0 |
| CVE-2026-2087 A flaw has been found in SourceCodester Online Class Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. This manipulation of the argument user_email ... | 7.3 | HIGH | β | 0 |
| CVE-2026-0595 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authentic... | 7.3 | HIGH | β | 0 |
| CVE-2026-3744 A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valreg_passwdation of the file signup.php. The manipulation of the argument reg_passwd leads to sql in... | 7.3 | HIGH | β | 0 |
| CVE-2026-3746 A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the... | 7.3 | HIGH | β | 0 |
| CVE-2026-3747 A vulnerability was identified in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /add_result.php. Such manipulation of the argument sub... | 7.3 | HIGH | β | 0 |
| CVE-2026-2136 A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injec... | 7.3 | HIGH | β | 0 |
| CVE-2026-27764 The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predic... | 7.3 | HIGH | β | 0 |
| CVE-2026-2173 A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/pas... | 7.3 | HIGH | β | 0 |
| CVE-2026-2212 A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation... | 7.3 | HIGH | β | 0 |
| CVE-2026-28448 OpenClaw versions 2026.1.29 prior to 2026.2.1 contain a vulnerability in the Twitch plugin (must be installed and enabled) in which it fails to enforce the allowFrom allowlist when allowedRoles is uns... | 7.3 | HIGH | β | 0 |
| CVE-2026-3757 A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /?pass=1. The manipulation of the argument fnm ... | 7.3 | HIGH | β | 0 |
| CVE-2026-29082 Kestra is an event-driven orchestration platform. In versions from 1.1.10 and prior, Kestraβs execution-file preview renders user-supplied Markdown (.md) with markdown-it instantiated as html:true and... | 7.3 | HIGH | β | 0 |
| CVE-2026-2223 A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/tak... | 7.3 | HIGH | β | 0 |
| CVE-2026-3758 A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown functionality of the file /admin/adminHome.php. This manipulation of the argument In... | 7.3 | HIGH | β | 0 |
| CVE-2026-25702 A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SU... | 7.3 | HIGH | β | 0 |
| CVE-2026-3759 A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reach_nm leads... | 7.3 | HIGH | β | 0 |
| CVE-2025-52541 A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | 7.3 | HIGH | β | 0 |
| CVE-2026-3760 A vulnerability was detected in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /view_result.php. Performing a manipulation of the argument seme resu... | 7.3 | HIGH | β | 0 |
| CVE-2026-2083 A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /delete_post.php. Performing a manipulation of the argument ID results in ... | 7.3 | HIGH | β | 0 |
| CVE-2026-3762 A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The ma... | 7.3 | HIGH | β | 0 |
| CVE-2026-3764 A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadmin_user_update.php. This manipulation causes im... | 7.3 | HIGH | β | 0 |
| CVE-2026-2220 A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation ... | 7.3 | HIGH | β | 0 |
| CVE-2026-3765 A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /att_single_view.php. Such manipulation of the argument dt leads to sql in... | 7.3 | HIGH | β | 0 |
| CVE-2026-3794 A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authe... | 7.3 | HIGH | β | 0 |
| CVE-2026-2158 A vulnerability was detected in code-projects Student Web Portal 1.0. This impacts an unknown function of the file /check_user.php. Performing a manipulation of the argument Username results in sql in... | 7.3 | HIGH | β | 0 |
| CVE-2026-2115 A flaw has been found in itsourcecode Society Management System 1.0. This issue affects some unknown processing of the file /admin/delete_expenses.php. This manipulation of the argument expenses_id ca... | 7.3 | HIGH | β | 0 |
| CVE-2026-2174 A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The manipulation of the argument ID results in improper... | 7.3 | HIGH | β | 0 |
| CVE-2026-2161 A vulnerability was found in itsourcecode Directory Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/forget-password.php. The manipulation of the argument... | 7.3 | HIGH | β | 0 |
| CVE-2026-2211 A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument ... | 7.3 | HIGH | β | 0 |
| CVE-2026-2166 A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulatio... | 7.3 | HIGH | β | 0 |
| CVE-2025-14560 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authentic... | 7.3 | HIGH | β | 0 |
| CVE-2026-2073 A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead... | 7.3 | HIGH | β | 0 |
| CVE-2026-2172 A vulnerability was determined in code-projects Online Application System for Admission 1.0. Affected by this vulnerability is an unknown functionality of the file enrollment/index.php of the componen... | 7.3 | HIGH | β | 0 |
| CVE-2026-2059 A vulnerability has been found in SourceCodester Medical Center Portal Management System 1.0. Affected is an unknown function of the file /emp_edit1.php. Such manipulation of the argument ID leads to ... | 7.3 | HIGH | β | 0 |
| CVE-2026-3705 A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno r... | 7.3 | HIGH | β | 0 |
| CVE-2026-2014 A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument I... | 7.3 | HIGH | β | 0 |
| CVE-2026-0508 The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert malicious URL within the application. Upon successful exploitation, the victim ma... | 7.3 | HIGH | β | 0 |
| CVE-2026-2018 A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injectio... | 7.3 | HIGH | β | 0 |
| CVE-2026-4784 A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /checkcheckout.php of the component Parameter Handler. The manipulation of the argume... | 7.3 | HIGH | β | 0 |
| CVE-2026-31569 In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, cur... | 7.3 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.