|
2031
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /BranchManagement/ProfitAndLossReport.php. Executing a manipulation of the a…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6034
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2032
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affected element is an unknown function of the file /BranchManagement/ServiceAndSalesReport.php. The manipu…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6035
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2033
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the ar…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6036
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2034
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BR…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6037
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2035
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argum…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6038
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2036
|
3.3 |
LOW
Local
|
-
|
-
|
A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results …
|
CWE-404
CWE-407
Improper Resource Shutdown or Release
Inefficient Algorithmic Complexity
|
CVE-2026-6042
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2037
|
7.1 |
HIGH
Network
|
-
|
-
|
The Gravity SMTP plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.4. This is due to the plugin not properly verifying that a user is authorized to per…
|
CWE-862
Missing Authorization
|
CVE-2026-4162
|
2026-04-25 03:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2038
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CactusThemes VideoPro videopro allows PHP Local File Inclusion.This issue affe…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-58913
|
2026-04-25 03:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2039
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zootemplate Cerato cerato allows Reflected XSS.This issue affects Cerato: from n/a through <= 2.2…
|
CWE-79
Cross-site Scripting
|
CVE-2025-58920
|
2026-04-25 03:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2040
|
7.5 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Case Themes Case Theme User case-theme-user allows PHP Local File Inclusion.Th…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-5804
|
2026-04-25 03:00 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
