|
551
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7076
|
2026-04-28 03:39 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
552
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the argument ID leads to sq…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7077
|
2026-04-28 03:39 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
553
|
8.8 |
HIGH
Network
|
-
|
-
|
The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insufficient authorization checks in the hsc…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-7106
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
554
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of th…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7083
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
555
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of th…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7087
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
556
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipula…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7088
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
557
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php of the component Appointment Booking. The man…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7089
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
558
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument m…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7090
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
559
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper au…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7091
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
560
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argumen…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7092
|
2026-04-28 03:38 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
