|
841
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performin…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7063
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
842
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7064
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
843
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupictu…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7060
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
844
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the comp…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7065
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
845
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulati…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7066
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
846
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7070
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
847
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Usern…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7072
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
848
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attac…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7073
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
849
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to s…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7074
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
850
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7075
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
