|
1001
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of the argument Username can lea…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10208
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1002
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in code-projects Online Hospital Management System 1.0. Affected is an unknown function of the file appointmentdetail.php of the component Appointment Handler. The mani…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10209
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1003
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function _sanitize_prompt_description of the file astrbot/core/skills/skill_manager.py. The manipulation…
New
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-10210
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1004
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function _normalize_rw_path of the file astrbot/core/tools/computer_tools/fs.py. This manipulation causes i…
New
|
CWE-285
CWE-863
Improper Authorization
Incorrect Authorization
|
CVE-2026-10211
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1005
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astr_main_agent of the file astrbot/core/astr_main_agent.py. Such manipulation of the argument session_id leads…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-10212
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1006
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in AstrBotDevs AstrBot 4.23.6. This vulnerability affects unknown code of the file /api/skills/delete of the component API Endpoint. Performing a manipulation of t…
New
|
CWE-22
Path Traversal
|
CVE-2026-10213
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1007
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function _get_safety_warning of the file agent/tools/bash/bash.py of the component Bash Tool. Executin…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10214
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1008
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of the component …
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-10215
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1009
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulatio…
New
|
CWE-307
CWE-799
mproper Restriction of Excessive Authentication Attempts
Improper Control of Interaction Frequency
|
CVE-2026-10216
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1010
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipul…
New
|
CWE-266
CWE-269
Incorrect Privilege Assignment
Improper Privilege Management
|
CVE-2026-10217
|
2026-06-2 00:15 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
