Total
18747 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5838 | 1 Phpgurukul | 1 News Portal Project | 2026-04-13 | 4.7 Medium |
| A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unknown code of the file /admin/add-subadmins.php. This manipulation of the argument sadminusername causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-5824 | 1 Code-projects | 1 Simple Laundry System | 2026-04-13 | 7.3 High |
| A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-5813 | 1 Phpgurukul | 1 Online Course Registration | 2026-04-13 | 7.3 High |
| A weakness has been identified in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /check_availability.php. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-5814 | 1 Phpgurukul | 1 Online Course Registration | 2026-04-13 | 7.3 High |
| A security vulnerability has been detected in PHPGurukul Online Course Registration 3.1. This issue affects some unknown processing of the file /admin/check_availability.php. The manipulation of the argument regno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-5823 | 1 Itsourcecode | 1 Construction Management System | 2026-04-13 | 6.3 Medium |
| A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowed_tool_report.php. This manipulation of the argument Home causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-4112 | 1 Sonicwall | 1 Sma1000 | 2026-04-13 | N/A |
| Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator. | ||||
| CVE-2026-5828 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-13 | 7.3 High |
| A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /functions/addcomment.php. The manipulation of the argument postid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-5829 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-13 | 7.3 High |
| A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument post_id causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-5839 | 1 Phpgurukul | 1 News Portal Project | 2026-04-13 | 4.7 Medium |
| A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-5840 | 1 Phpgurukul | 1 News Portal Project | 2026-04-13 | 4.7 Medium |
| A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/check_availability.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-5961 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-13 | 7.3 High |
| A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument post_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-5985 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-13 | 7.3 High |
| A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument user_Id results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-6038 | 1 Code-projects | 1 Vehicle Showroom Management System | 2026-04-13 | 7.3 High |
| A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argument BRANCH_ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
| CVE-2026-6006 | 1 Code-projects | 1 Patient Record Management System | 2026-04-13 | 6.3 Medium |
| A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-6005 | 1 Code-projects | 1 Patient Record Management System | 2026-04-13 | 6.3 Medium |
| A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument hem_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. | ||||
| CVE-2026-6033 | 1 Codeastro | 1 Online Classroom | 2026-04-13 | 6.3 Medium |
| A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fname can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-6036 | 1 Code-projects | 1 Vehicle Showroom Management System | 2026-04-13 | 7.3 High |
| A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLE_ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-6030 | 1 Itsourcecode | 1 Construction Management System | 2026-04-13 | 6.3 Medium |
| A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-6004 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-13 | 7.3 High |
| A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument cat_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. | ||||
| CVE-2026-6007 | 1 Itsourcecode | 1 Construction Management System | 2026-04-13 | 6.3 Medium |
| A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. | ||||