|
911
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the com…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7223
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
912
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing_server.py of the compone…
|
CWE-22
Path Traversal
|
CVE-2026-7216
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
913
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastly_cli Tool.…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7220
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
914
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipu…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7221
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
915
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a manipulation of …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7224
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
916
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete_menu of the file /admin/ajax.php?action=delete_menu. Executing a manipula…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7225
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
917
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The manipulation of the ar…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7226
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
918
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results i…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7227
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
919
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function get_cart_count of the file /admin/ajax.php?action=get_cart_count. This manipulation of the a…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7228
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
920
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manip…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7229
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
