CVE Vulnerability Database

Search and browse 234 known security vulnerabilities. Filter by severity, vendor, product, and year.

234 vulnerabilities found
Recent Highest Score Oldest
Severity: Low ร— Clear all
CVE-2026-37597
2.7 low

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php.

Apr 14, 2026
CVE-2026-37596
2.7 low

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php.

Apr 14, 2026
CVE-2026-37595
2.7 low

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php.

Apr 14, 2026
CVE-2026-37594
2.7 low

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php.

Apr 14, 2026
CVE-2026-37593
2.7 low

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php.

Apr 14, 2026
CVE-2026-37592
2.7 low

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/manage_pricing.php.

Apr 14, 2026
CVE-2026-37591
2.7 low

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php.

Apr 14, 2026
CVE-2026-37590
2.7 low

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php.

Apr 14, 2026
CVE-2026-37589
2.7 low

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php.

Apr 14, 2026
CVE-2025-40745
3.7 low

A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All ver

Apr 14, 2026
CVE-2026-39419
3.1 low

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an authenticated user can bypass sandbox result validation and spoof tool execution results by exploiting Python frame introspection to read the wrapper's UUID from its bytecode constants, then writing a forged result

Apr 14, 2026
CVE-2026-27675
2.0 low

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degre

Apr 14, 2026
CVE-2026-6216
3.5 low

A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launched

Apr 13, 2026
CVE-2026-33659
3.5 low

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery (SSRF) via a DNS rebinding (TOCTOU) condition. Host validation uses dns_get_record() but the actual HTTP

Apr 13, 2026
CVE-2026-6192
3.3 low

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The ident

Apr 13, 2026
CVE-2026-36952
2.7 low

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.

Apr 13, 2026
CVE-2026-36950
2.7 low

Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projects_per_department.php.

Apr 13, 2026
CVE-2026-6184
2.4 low

A weakness has been identified in code-projects Simple Content Management System 1.0. This affects an unknown part of the file /web/admin/welcome.php. Executing a manipulation of the argument News Title can lead to cross site scripting. The attack can be executed remotely. The exploit has been made

Apr 13, 2026
CVE-2026-36938
2.7 low

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/view_room.php.

Apr 13, 2026
CVE-2026-36937
2.7 low

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/view_details.php.

Apr 13, 2026
CVE-2026-36945
2.7 low

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manage_client.php

Apr 13, 2026
CVE-2026-36944
2.7 low

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerale to SQL injection in the file/rsms/admin/repairs/view_details.php.

Apr 13, 2026
CVE-2026-36943
2.7 low

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage_repair.php.

Apr 13, 2026
CVE-2026-36942
2.7 low

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.

Apr 13, 2026