|
1821
|
8.8 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a man…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-11556
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1822
|
8.8 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a man…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-11557
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1823
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home_salary.php. The manipulation of the argument rate/salary_rate…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11558
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1824
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in sql injection. The attack …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11559
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1825
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argumen…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11582
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1826
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argum…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11583
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1827
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of th…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11584
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1828
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the a…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11585
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1829
|
- |
|
-
|
-
|
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.0 suffer from an improper session termination vulnerability where authentication tokens remain valid after …
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-46401
|
2026-06-9 05:17 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1830
|
8.2 |
HIGH
Network
|
-
|
-
|
CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_request_target` trigger but dan…
|
CWE-94
Code Injection
|
CVE-2026-41249
|
2026-06-9 05:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
