|
851
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7076
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
852
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the argument ID leads to sq…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7077
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
853
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of th…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7083
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
854
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink Endpoint. T…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7084
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
855
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in HBAI-Ltd Toonflow-app up to 1.1.1. This vulnerability affects the function z.url of the file src/routes/setting/about/downloadApp.ts of the component downloadApp End…
Update
|
CWE-22
Path Traversal
|
CVE-2026-7085
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
856
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulatio…
Update
|
CWE-22
Path Traversal
|
CVE-2026-7086
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
857
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of th…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7087
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
858
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipula…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7088
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
859
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php of the component Appointment Booking. The man…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7089
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
860
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument m…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7090
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
