|
2621
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. This manipulation of the…
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-11466
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2622
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file plugins/Stripe/Controllers/StripeController.php of the compo…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-11462
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2623
|
3.1 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.j…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-11464
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2624
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in jishenghua jshERP up to 3.6. This vulnerability affects the function addAccountHeadAndDetail of the file jshERP-boot/src/main/java/com/jsh/erp/service/Ac…
|
CWE-22
Path Traversal
|
CVE-2026-11467
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2625
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=room_types. Performing a manipulati…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-11468
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2626
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in jishenghua jshERP up to 3.6. Impacted is the function insertPlatformConfig of the file jshERP-boot/src/main/java/com/jsh/erp/service/PlatformConfigService.java of the compone…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-11469
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2627
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/…
|
CWE-22
Path Traversal
|
CVE-2026-11470
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2628
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password resul…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11471
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2629
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11472
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2630
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in jflyfox jfinal_cms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql inje…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11473
|
2026-06-8 23:57 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
