|
681
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employee_model.php of the componen…
New
|
CWE-74 CWE-89
Injection SQL Injection
|
CVE-2026-13535
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
682
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Perfo…
New
|
CWE-285 CWE-639
Improper Authorization Authorization Bypass Through User-Controlled Key
|
CVE-2026-13534
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
683
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425. The affected element is the function sub_401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This m…
New
|
CWE-74 CWE-77
Injection Command Injection
|
CVE-2026-13538
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
684
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in GitBucket up to 4.46.1. This affects the function Git.cloneRepository.setURI of the file src/main/scala/gitbucket/core/service/RepositoryCreationService.scala. …
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-13540
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
685
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the argument newpass…
New
|
CWE-74 CWE-89
Injection SQL Injection
|
CVE-2026-13541
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
686
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes improper access controls. Th…
New
|
CWE-266 CWE-284
Incorrect Privilege Assignment Improper Access Control
|
CVE-2026-13544
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
687
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing …
New
|
CWE-287 CWE-306
Improper Authentication Missing Authentication for Critical Function
|
CVE-2026-13546
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
688
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation…
New
|
CWE-284 CWE-434
Improper Access Control Unrestricted Upload of File with Dangerous Type
|
CVE-2026-13547
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
689
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID…
New
|
CWE-74 CWE-89
Injection SQL Injection
|
CVE-2026-13550
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
690
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/mod_amenities/controller.php?action=edit. Performing a manipulatio…
New
|
CWE-74 CWE-89
Injection SQL Injection
|
CVE-2026-13552
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|