|
361
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. This manipulation of the…
New
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-11466
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
362
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=room_types. Performing a manipulati…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-11468
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password resul…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11471
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11472
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
365
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in jflyfox jfinal_cms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql inje…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11473
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in jishenghua jshERP up to 3.6. This vulnerability affects the function addAccountHeadAndDetail of the file jshERP-boot/src/main/java/com/jsh/erp/service/Ac…
New
|
CWE-22
Path Traversal
|
CVE-2026-11467
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
367
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in jishenghua jshERP up to 3.6. Impacted is the function insertPlatformConfig of the file jshERP-boot/src/main/java/com/jsh/erp/service/PlatformConfigService.java of the compone…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-11469
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
368
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/…
New
|
CWE-22
Path Traversal
|
CVE-2026-11470
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
369
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of th…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-11474
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
370
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/G…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11475
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
