Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2026-0578 A vulnerability has been found in code-projects Online Product Reservation System 1.0. Affected by this issue is some unknown functionality of the file /handgunner-administrator/delete.php. The manipu... | 7.3 | HIGH | — | 0 |
| CVE-2026-0568 A flaw has been found in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Frontend/ViewSongs.php. This manipulation of the argument ID causes sql injection... | 7.3 | HIGH | — | 0 |
| CVE-2026-0569 A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql inj... | 7.3 | HIGH | — | 0 |
| CVE-2025-15140 A vulnerability was found in saiftheboss7 onlinemcqexam up to 0e56806132971e49721db3ef01868098c7b42ada. This vulnerability affects unknown code of the file /admin/quesadd.php. Performing manipulation ... | 7.3 | HIGH | — | 0 |
| CVE-2026-0606 A vulnerability was detected in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /FrontEnd/Albums.php. Performing a manipulation of the argument ID... | 7.3 | HIGH | — | 0 |
| CVE-2025-15185 A flaw has been found in code-projects Refugee Food Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /home/refugeesreport.php. This manipulation of the arg... | 7.3 | HIGH | — | 0 |
| CVE-2025-15073 A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contact_us.php. This manipulation of the argument Name causes sql inje... | 7.3 | HIGH | — | 0 |
| CVE-2025-15077 A security vulnerability has been detected in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /form137.php. The manipulation of the argument ID lead... | 7.3 | HIGH | — | 0 |
| CVE-2025-15354 A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/add_admin.php. Executing manipulation of the argument Username can l... | 7.3 | HIGH | — | 0 |
| CVE-2025-15097 A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The atta... | 7.3 | HIGH | — | 0 |
| CVE-2025-68043 Missing Authorization vulnerability in LottieFiles LottieFiles lottiefiles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LottieFiles: from n/a through <= 3... | 7.3 | HIGH | — | 0 |
| CVE-2025-15168 A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID leads to sql injection.... | 7.3 | HIGH | — | 0 |
| CVE-2025-69378 Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a through... | 7.3 | HIGH | — | 0 |
| CVE-2025-15099 A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation... | 7.3 | HIGH | — | 0 |
| CVE-2025-15075 A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affects some unknown processing of the file /student_p.php. Performing manipulation of the argument ID res... | 7.3 | HIGH | — | 0 |
| CVE-2025-15074 A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /customer_details.php. Such manipulation leads to sql inject... | 7.3 | HIGH | — | 0 |
| CVE-2026-0643 A flaw has been found in projectworlds House Rental and Property Listing 1.0. Impacted is an unknown function of the file /app/register.php?action=reg of the component Signup. This manipulation of the... | 7.3 | HIGH | — | 0 |
| CVE-2026-0544 A security flaw has been discovered in itsourcecode School Management System 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument ID results in sql inject... | 7.3 | HIGH | — | 0 |
| CVE-2025-15182 A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead... | 7.3 | HIGH | — | 0 |
| CVE-2026-0583 A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vulnerability affects unknown code of the file app/user/login.php of the component User Login. The mani... | 7.3 | HIGH | — | 0 |
| CVE-2026-27707 Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth... | 7.3 | HIGH | — | 0 |
| CVE-2026-3981 A vulnerability was found in itsourcecode Online Doctor Appointment System 1.0. Affected is an unknown function of the file /admin/doctor_action.php. Performing a manipulation of the argument ID resul... | 7.3 | HIGH | — | 0 |
| CVE-2026-25076 Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQ... | 7.3 | HIGH | — | 0 |
| CVE-2026-4497 A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command inj... | 7.3 | HIGH | — | 0 |
| CVE-2026-25702 A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SU... | 7.3 | HIGH | — | 0 |
| CVE-2026-4319 A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the arg... | 7.3 | HIGH | — | 0 |
| CVE-2026-3746 A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the... | 7.3 | HIGH | — | 0 |
| CVE-2026-27652 The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in pred... | 7.3 | HIGH | — | 0 |
| CVE-2025-48634 In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution priv... | 7.3 | HIGH | — | 0 |
| CVE-2026-3818 A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injec... | 7.3 | HIGH | — | 0 |
| CVE-2026-4237 A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/mod_reports/index.php. Executing a manipulation of the argumen... | 7.3 | HIGH | — | 0 |
| CVE-2026-3413 A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /admin_single_student.php. This manipulation of the argument ID causes sql i... | 7.3 | HIGH | — | 0 |
| CVE-2026-4180 A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token_id lea... | 7.3 | HIGH | — | 0 |
| CVE-2026-3944 A vulnerability was determined in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /att_add.php. This manipulation of the argument Name causes sql inj... | 7.3 | HIGH | — | 0 |
| CVE-2026-26194 Gogs is an open source self-hosted Git service. Prior to version 0.14.2, there's a security issue in gogs where deleting a release can fail if a user controlled tag name is passed to git without the r... | 7.3 | HIGH | — | 0 |
| CVE-2026-4236 A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=add. Such manipulation of the argument t... | 7.3 | HIGH | — | 0 |
| CVE-2026-3943 A vulnerability was found in H3C ACG1000-AK230 up to 20260227. This affects an unknown part of the file /webui/?aaa_portal_auth_local_submit. The manipulation of the argument suffix results in command... | 7.3 | HIGH | — | 0 |
| CVE-2026-4221 A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an unknown part of the file /rest/file/uploadLedImage of the component Endpoint. The manipulation of the a... | 7.3 | HIGH | — | 0 |
| CVE-2026-4220 A vulnerability has been found in Technologies Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /SetWebpagePic.jsp. The manipulation of the argum... | 7.3 | HIGH | — | 0 |
| CVE-2026-4536 A vulnerability was found in Acrel Environmental Monitoring Cloud Platform 1.1.0. This issue affects some unknown processing. Performing a manipulation results in unrestricted upload. The attack may b... | 7.3 | HIGH | — | 0 |
| CVE-2026-27396 Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through ... | 7.3 | HIGH | — | 0 |
| CVE-2026-3744 A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valreg_passwdation of the file signup.php. The manipulation of the argument reg_passwd leads to sql in... | 7.3 | HIGH | — | 0 |
| CVE-2026-3734 A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of th... | 7.3 | HIGH | — | 0 |
| CVE-2026-3747 A vulnerability was identified in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /add_result.php. Such manipulation of the argument sub... | 7.3 | HIGH | — | 0 |
| CVE-2026-3735 A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulatio... | 7.3 | HIGH | — | 0 |
| CVE-2026-20748 The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predic... | 7.3 | HIGH | — | 0 |
| CVE-2026-3764 A vulnerability was determined in SourceCodester Client Database Management System 1.0. The impacted element is an unknown function of the file /superadmin_user_update.php. This manipulation causes im... | 7.3 | HIGH | — | 0 |
| CVE-2026-3765 A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /att_single_view.php. Such manipulation of the argument dt leads to sql in... | 7.3 | HIGH | — | 0 |
| CVE-2026-4235 A weakness has been identified in itsourcecode Online Enrollment System 1.0. This issue affects some unknown processing of the file /sms/login.php. This manipulation of the argument user_email causes ... | 7.3 | HIGH | — | 0 |
| CVE-2026-3980 A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patient_action.php. Such manipulation of the argument patient_i... | 7.3 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.