|
1381
|
8.8 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a man…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-11557
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1382
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home_salary.php. The manipulation of the argument rate/salary_rate…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11558
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1383
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in sql injection. The attack …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11559
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1384
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argumen…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11582
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1385
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argum…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11583
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1386
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of th…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11584
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1387
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the a…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11585
|
2026-06-9 10:32 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1388
|
- |
|
-
|
-
|
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.0 suffer from an improper session termination vulnerability where authentication tokens remain valid after …
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-46401
|
2026-06-9 05:17 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1389
|
8.2 |
HIGH
Network
|
-
|
-
|
CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_request_target` trigger but dan…
|
CWE-94
Code Injection
|
CVE-2026-41249
|
2026-06-9 05:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1390
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality N…
|
CWE-287
CWE-306
CWE-1390
Improper Authentication
Missing Authentication for Critical Function
Weak Authentication
|
CVE-2026-6274
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
