CVEs from 2026
Total
14,691
critical
critical 1,318
high
high 4,976
medium
medium 4,752
low
low 501
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 621
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-3762 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The m… | |||
| CVE-2026-3760 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was detected in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /view_result.php. Performing a manipulation of the argument seme res… | |||
| CVE-2026-3759 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reach_nm lead… | |||
| CVE-2026-3758 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown functionality of the file /admin/adminHome.php. This manipulation of the argument I… | |||
| CVE-2026-3757 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /?pass=1. The manipulation of the argument fnm… | |||
| CVE-2026-3747 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was identified in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /add_result.php. Such manipulation of the argument su… | |||
| CVE-2026-3746 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of th… | |||
| CVE-2026-3744 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valreg_passwdation of the file signup.php. The manipulation of the argument reg_passwd leads to sql i… | |||
| CVE-2026-3740 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_search_student.php. This manipulation of the argument admin_search_… | |||
| CVE-2026-3736 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulati… | |||
| CVE-2026-3735 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulati… | |||
| CVE-2026-3730 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/mod_amenities/index.php?view=edit. Performi… | |||
| CVE-2026-3723 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /Admindelete.php. The manipulation of the argument flightno … | |||
| CVE-2026-3709 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username … | |||
| CVE-2026-3708 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argu… | |||
| CVE-2026-3705 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno … | |||
| CVE-2026-3696 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in Totolink N300RH 6..1c.1353_B20190305. The affected element is the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a ma… | |||
| CVE-2026-26288 | critical | 9.8 | 9.8 | 3mo ago | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can co… | |||
| CVE-2026-26051 | critical | 9.8 | 9.8 | 3mo ago | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can co… | |||
| CVE-2026-22552 | critical | 9.8 | 9.8 | 3mo ago | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can co… | |||
| CVE-2026-28474 | critical | 9.8 | 9.8 | 3mo ago | Nextcloud Talk allowlist bypass via actor.name display name spoofing | |||
| CVE-2026-2743 | critical | 9.8 | 9.8 | 3mo ago | Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 … | |||
| CVE-2026-22417 | critical | 9.8 | 9.8 | 3mo ago | Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Wedding grandwedding allows Object Injection.This issue affects Grand Wedding: from n/a through < 3.1.11. | |||
| CVE-2026-27820 | critical | 9.8 | 9.8 | 3mo ago | Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption | |||
| CVE-2026-27446 | critical | 9.8 | 9.8 | 3mo ago | Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions | |||
| CVE-2026-2590 | critical | 9.8 | 9.8 | 3mo ago | Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to p… | |||
| CVE-2026-3413 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /admin_single_student.php. This manipulation of the argument ID causes sql … | |||
| CVE-2026-3411 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /admin_single_student_update.php. The man… | |||
| CVE-2026-3410 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/check_studid.php. Executing a manipulation … | |||
| CVE-2026-3406 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The mani… | |||
| CVE-2026-3395 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in MaxSite CMS up to 109.1. This impacts the function eval of the file application/maxsite/admin/plugins/editor_markitup/preview-ajax.php of the component MarkItUp Preview AJAX … | |||
| CVE-2026-24352 | critical | 9.8 | 9.8 | 3mo ago | PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID… | |||
| CVE-2026-3289 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in Sanluan PublicCMS 6.202506.d. This impacts the function saveMetadata of the file TemplateCacheComponent.java of the component Template Cache Generation. Executing a … | |||
| CVE-2026-3287 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuCon… | |||
| CVE-2026-20797 | critical | 9.8 | 9.8 | 3mo ago | A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corruption and a termination of the program. | |||
| CVE-2026-3261 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component Setting Handler. This manipulation of the argumen… | |||
| CVE-2026-3187 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoi… | |||
| CVE-2026-3164 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in s… | |||
| CVE-2026-3153 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in itsourcecode Document Management System 1.0. Impacted is an unknown function of the file /register.php. Such manipulation of the argument Username leads to sql injec… | |||
| CVE-2026-3152 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacher_id cau… | |||
| CVE-2026-3151 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql… | |||
| CVE-2026-3148 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes … | |||
| CVE-2026-3135 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category cau… | |||
| CVE-2026-3134 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in itsourcecode News Portal Project 1.0. The affected element is an unknown function of the file /newsportal/admin/edit-category.php. The manipulation of the argum… | |||
| CVE-2026-3133 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability has been found in itsourcecode Document Management System 1.0. This issue affects some unknown processing of the file /loging.php of the component Login. The manipulation of the argum… | |||
| CVE-2026-2786 | critical | 9.8 | 9.8 | 3mo ago | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |||
| CVE-2026-3069 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in itsourcecode Document Management System 1.0. Affected is an unknown function of the file /edtlbls.php. The manipulation of the argument field1 leads to s… | |||
| CVE-2026-3068 | critical | 9.8 | 9.8 | 3mo ago | A weakness has been identified in itsourcecode Document Management System 1.0. This impacts an unknown function of the file /deluser.php. Executing a manipulation of the argument user2del can lead to… | |||
| CVE-2026-3057 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Inter… | |||
| CVE-2026-3053 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function addInterceptors of the file dinky-admin/src/main/java/org/dinky/configure/AppConfig.java of the component Ope… | |||
| CVE-2026-3046 | critical | 9.8 | 9.8 | 3mo ago | A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /check_profile_old.php. The ma… | |||
| CVE-2026-3042 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was detected in itsourcecode Event Management System 1.0. The affected element is an unknown function of the file /admin/index.php. Performing a manipulation of the argument ID result… | |||
| CVE-2026-3025 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.a… | |||
| CVE-2026-2983 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in SourceCodester Student Result Management System 1.0. The impacted element is an unknown function of the file /admin/core/import_users.php of the component Bulk Impor… | |||
| CVE-2026-2964 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipul… | |||
| CVE-2026-2954 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in Dromara UJCMS 10.0.2. Impacted is the function importChanel of the file /api/backend/ext/import-data/import-channel of the component ImportDataController. Performing a ma… | |||
| CVE-2026-2952 | critical | 9.8 | 9.8 | 3mo ago | A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxar… | |||
| CVE-2026-2944 | critical | 9.8 | 9.8 | 3mo ago | A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handl… | |||
| CVE-2026-2912 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation… | |||
| CVE-2026-2867 | critical | 9.8 | 9.8 | 3mo ago | A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql … | |||
| CVE-2026-2865 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler.… | |||
| CVE-2026-2848 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component R… | |||
| CVE-2026-26725 | critical | 9.8 | 9.8 | 4mo ago | An issue in edu Business Solutions Print Shop Pro WebDesk v.18.34 (fixed in 19.76) allows a remote attacker to escalate privileges via the AccessID parameter. | |||
| CVE-2026-22384 | critical | 9.8 | 9.8 | 4mo ago | Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This issue affects Applay - Shortcodes: from n/a through <= 3.7. | |||
| CVE-2026-2691 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in itsourcecode Event Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manage_register.php. Such manipulation of the argum… | |||
| CVE-2026-2690 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in itsourcecode Event Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Admin Login. Th… | |||
| CVE-2026-2689 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was detected in itsourcecode Event Management System 1.0. Affected is an unknown function of the file /admin/manage_booking.php. The manipulation of the argument ID results in sql inj… | |||
| CVE-2026-2684 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html.… | |||
| CVE-2026-2682 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such… | |||
| CVE-2026-2654 | critical | 9.8 | 9.8 | 4mo ago | Hugging Face Smolagents has a Server-Side Request Forgery issue | |||
| CVE-2026-2616 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials… | |||
| CVE-2026-2528 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in Wavlink WL-WN579A3 up to 20210219. Affected by this vulnerability is the function Delete_Mac_list of the file /cgi-bin/wireless.cgi. The manipulation of the argument… | |||
| CVE-2026-2527 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in Wavlink WL-WN579A3 up to 20210219. Affected is an unknown function of the file /cgi-bin/login.cgi. Executing a manipulation of the argument key can lead to command i… | |||
| CVE-2026-23112 | critical | 9.8 | 9.8 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU leng… | |||
| CVE-2026-2225 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in itsourcecode News Portal Project 1.0. This vulnerability affects unknown code of the file /admin/index.php of the component Administrator Login. This manipulation of the argu… | |||
| CVE-2026-2223 | critical | 9.8 | 9.8 | 4mo ago | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/ta… | |||
| CVE-2026-2221 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the … | |||
| CVE-2026-2220 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation… | |||
| CVE-2026-2217 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/manage_user.php. The manipulation of the argument ID results in s… | |||
| CVE-2026-1615 | critical | 9.8 | 9.8 | 4mo ago | jsonpath has Arbitrary Code Injection via Unsafe Evaluation of JSON Path Expressions | |||
| CVE-2026-2212 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulatio… | |||
| CVE-2026-2211 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument… | |||
| CVE-2026-2199 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. P… | |||
| CVE-2026-2198 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipu… | |||
| CVE-2026-2197 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of… | |||
| CVE-2026-2196 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulati… | |||
| CVE-2026-2195 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manip… | |||
| CVE-2026-2190 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controller.php. The manipulation of the argument ID resul… | |||
| CVE-2026-2189 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql … | |||
| CVE-2026-2172 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was determined in code-projects Online Application System for Admission 1.0. Affected by this vulnerability is an unknown functionality of the file enrollment/index.php of the compone… | |||
| CVE-2026-2171 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argu… | |||
| CVE-2026-2166 | critical | 9.8 | 9.8 | 4mo ago | A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulati… | |||
| CVE-2026-2165 | critical | 9.8 | 9.8 | 4mo ago | A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Exe… | |||
| CVE-2026-2164 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of t… | |||
| CVE-2026-2161 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Directory Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/forget-password.php. The manipulation of the argumen… | |||
| CVE-2026-2136 | critical | 9.8 | 9.8 | 4mo ago | A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql inje… | |||
| CVE-2026-2133 | critical | 9.8 | 9.8 | 4mo ago | A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtima… | |||
| CVE-2026-2132 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the … | |||
| CVE-2026-2122 | critical | 9.8 | 9.8 | 4mo ago | A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results i… | |||
| CVE-2026-2117 | critical | 9.8 | 9.8 | 4mo ago | A vulnerability was found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/edit_activity.php. Performing a manipulation of the argument ac… |