|
1461
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in jflyfox jfinal_cms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql inje…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11473
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1462
|
3.1 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.j…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-11464
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1463
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in jishenghua jshERP up to 3.6. This vulnerability affects the function addAccountHeadAndDetail of the file jshERP-boot/src/main/java/com/jsh/erp/service/Ac…
|
CWE-22
Path Traversal
|
CVE-2026-11467
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1464
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in jishenghua jshERP up to 3.6. Impacted is the function insertPlatformConfig of the file jshERP-boot/src/main/java/com/jsh/erp/service/PlatformConfigService.java of the compone…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-11469
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1465
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/…
|
CWE-22
Path Traversal
|
CVE-2026-11470
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1466
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of th…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-11474
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1467
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/G…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11475
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1468
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this issue is the function edit-admin of the file controll…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-11476
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1469
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/…
|
CWE-601
Open Redirect
|
CVE-2026-11477
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1470
|
3.3 |
LOW
Local
|
-
|
-
|
A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This m…
|
CWE-400
CWE-1333
Uncontrolled Resource Consumption
Inefficient Regular Expression Complexity
|
CVE-2026-11478
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
