|
4831
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to s…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7074
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4832
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7075
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4833
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7076
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4834
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the argument ID leads to sq…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7077
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4835
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of th…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7083
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4836
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of th…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7087
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4837
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipula…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7088
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4838
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink Endpoint. T…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7084
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4839
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in HBAI-Ltd Toonflow-app up to 1.1.1. This vulnerability affects the function z.url of the file src/routes/setting/about/downloadApp.ts of the component downloadApp End…
|
CWE-22
Path Traversal
|
CVE-2026-7085
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4840
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulatio…
|
CWE-22
Path Traversal
|
CVE-2026-7086
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
