|
2741
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the c…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-5561
|
2026-04-25 03:14 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2742
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipul…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5563
|
2026-04-25 03:14 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2743
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5564
|
2026-04-25 03:14 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2744
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter H…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5565
|
2026-04-25 03:14 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2745
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBind re…
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-5566
|
2026-04-25 03:14 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2746
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing of the component Invoice/Billing. The manipulation of the argument notes leads to cross site scrip…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-5568
|
2026-04-25 03:14 |
2026-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2747
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipula…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5575
|
2026-04-25 03:14 |
2026-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2748
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file save_emp.php of the component Add Employee Page. This manip…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-5576
|
2026-04-25 03:14 |
2026-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2749
|
8.1 |
HIGH
Network
|
rwsdk
|
redwoodsdk
|
RedwoodSDK is a server-first React framework. From 1.0.0-beta.50 to 1.0.5, erver functions exported from "use server" files could be invoked via GET requests, bypassing their intended HTTP method. In…
|
CWE-352
Origin Validation Error
|
CVE-2026-39371
|
2026-04-25 03:14 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2750
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activitie…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-5370
|
2026-04-25 03:13 |
2026-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
