|
91
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown functionality of the file /preview5.php. Such manipulation o…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-13521
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
92
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe…
New
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2026-13522
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
93
|
3.3 |
LOW
Local
|
-
|
-
|
A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly c…
New
|
CWE-404
CWE-409
Improper Resource Shutdown or Release
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-13523
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
94
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_class.php. This manipulation of the argument ID causes sql injection. …
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-13526
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
95
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /preview4.php. Such manipulation of the argument course…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-13527
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
96
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The impacted element is the function generateUploadPath of the file yudao-module-infra/src/main/java/cn/io…
New
|
CWE-22
Path Traversal
|
CVE-2026-13528
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
97
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injec…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-13529
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
98
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /departmentDoctor.php. This manipulation of the a…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-13532
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
99
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handle…
New
|
CWE-425
CWE-552
Direct Request ('Forced Browsing')
Files or Directories Accessible to External Parties
|
CVE-2026-13533
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
100
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Perfo…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-13534
|
2026-06-30 03:46 |
2026-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
