|
2081
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql i…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6193
|
2026-04-14 02:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2082
|
3.3 |
LOW
Local
|
-
|
-
|
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. T…
|
CWE-189
CWE-190
Numeric Errors
Integer Overflow or Wraparound
|
CVE-2026-6192
|
2026-04-14 02:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2083
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6191
|
2026-04-14 02:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2084
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name re…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6190
|
2026-04-14 02:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2085
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argu…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6189
|
2026-04-14 02:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2086
|
- |
|
-
|
-
|
When calling base64.b64decode() or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This ca…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-3446
|
2026-04-14 02:16 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2087
|
2.7 |
LOW
Network
|
-
|
-
|
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control S…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-39510
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2088
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hidekazu Ishikawa VK All in One Expansion Unit vk-all-in-one-expansion-unit allows Stored XSS.Thi…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39483
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2089
|
7.6 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brainstorm Force OttoKit suretriggers allows Blind SQL Injection.This issue affects OttoKit: from…
|
CWE-89
SQL Injection
|
CVE-2026-39479
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2090
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Feedback: from n/a t…
|
CWE-862
Missing Authorization
|
CVE-2026-39476
|
2026-04-14 02:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
