|
2061
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of th…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-9372
|
2026-05-27 04:54 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2062
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a mani…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-9374
|
2026-05-27 04:54 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2063
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Execut…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-9376
|
2026-05-27 04:54 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2064
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName …
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9377
|
2026-05-27 04:54 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2065
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipu…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-9409
|
2026-05-27 04:54 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2066
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workf…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-9410
|
2026-05-27 04:54 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2067
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in code-projects Employee Management System 1.0. This affects an unknown function of the file /eloginwel.php. This manipulation of the argument ID causes cross site scr…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9415
|
2026-05-27 04:54 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2068
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cro…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9417
|
2026-05-27 04:54 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2069
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepassemp.php. Executing a manipulation of the argum…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9418
|
2026-05-27 04:54 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2070
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in code-projects Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /empproject.php. The manipulation of the argument ID l…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9419
|
2026-05-27 04:54 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
