Export limit exceeded: 344010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5551 | 1 Itsourcecode | 1 Free Hotel Reservation System | 2026-04-07 | 7.3 High |
| A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-5550 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-04-07 | 8.8 High |
| A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected. | ||||
| CVE-2026-5547 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-04-07 | 6.3 Medium |
| A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoints might be affected. | ||||
| CVE-2026-5546 | 1 Campcodes | 1 Complete Online Learning Management System | 2026-04-07 | 6.3 Medium |
| A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function add_lesson of the file /application/models/Crud_model.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2026-5544 | 1 Utt | 1 Hiper 1250gw | 2026-04-07 | 8.8 High |
| A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2019-25660 | 1 Hainsoft | 1 Lanhelper | 2026-04-07 | 6.2 Medium |
| LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service condition. | ||||
| CVE-2019-25687 | 1 Wisdom | 1 Pegasus Cms | 2026-04-07 | 9.8 Critical |
| Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the action parameter to achieve code execution and obtain an interactive shell. | ||||
| CVE-2019-25663 | 2 Salesagility, Suitecrm | 2 Suitecrm, Suitecrm | 2026-04-07 | 7.1 High |
| SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection techniques to extract sensitive database information. | ||||
| CVE-2019-25664 | 2 Salesagility, Suitecrm | 2 Suitecrm, Suitecrm | 2026-04-07 | 7.1 High |
| SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to extract sensitive database information through time-based blind SQL injection techniques. | ||||
| CVE-2019-25670 | 1 River Past | 1 River Past Video Cleaner | 2026-04-07 | 8.4 High |
| River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception handler override, and shellcode to trigger code execution when the application processes the input. | ||||
| CVE-2019-25675 | 1 Edirectory | 1 Edirectory | 2026-04-07 | 8.2 High |
| eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server. | ||||
| CVE-2019-25676 | 1 Phpscriptsmall | 1 Ask Expert Script | 2026-04-07 | 8.2 High |
| Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view parameter in list-details.php to execute arbitrary code or extract database information. | ||||
| CVE-2019-25679 | 1 Realterm | 1 Realterm: Serial Terminal | 2026-04-07 | 7.8 High |
| RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked. | ||||
| CVE-2026-5539 | 1 Code-projects | 1 Simple Laundry System | 2026-04-07 | 4.3 Medium |
| A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /modifymember.php of the component Parameter Handler. This manipulation of the argument firstName causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2026-5541 | 1 Code-projects | 1 Simple Laundry System | 2026-04-07 | 4.3 Medium |
| A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /modmemberinfo.php of the component Parameter Handler. Performing a manipulation of the argument userid results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-5543 | 1 Phpgurukul | 1 User Registration & Login And User Management System | 2026-04-07 | 6.3 Medium |
| A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. | ||||
| CVE-2026-5673 | 2 Redhat, Xiph | 2 Enterprise Linux, Libtheora | 2026-04-07 | 5.6 Medium |
| A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a truncated header sub-chunk. This could lead to a denial-of-service (application crash) or potentially leak sensitive information from the heap. | ||||
| CVE-2026-37977 | 1 Redhat | 2 Build Keycloak, Build Of Keycloak | 2026-04-07 | 3.7 Low |
| A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability in Keycloak's User-Managed Access (UMA) token endpoint. This flaw occurs because the `azp` claim from a client-supplied JSON Web Token (JWT) is used to set the `Access-Control-Allow-Origin` header before the JWT signature is validated. When a specially crafted JWT with an attacker-controlled `azp` value is processed, this value is reflected as the CORS origin, even if the grant is later rejected. This can lead to the exposure of low-sensitivity information from authorization server error responses, weakening origin isolation, but only when a target client is misconfigured with `webOrigins: ["*"]`. | ||||
| CVE-2026-5661 | 1 Free5gc | 1 Free5gc | 2026-04-07 | 5.3 Medium |
| A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-5660 | 1 Itsourcecode | 1 Construction Management System | 2026-04-07 | 6.3 Medium |
| A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowed_equip.php of the component Parameter Handler. This manipulation of the argument emp causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||