Exploit Database

146,812 exploits tracked across all sources.

Sort: Activity Stars
CVE-2026-36874 WRITEUP LOW
Basic Library System 1.0 - SQL Injection
Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_student.php.
CVSS 2.7
CVE-2026-36919 WRITEUP LOW
Sourcecodester Online Reviewer System 1.0 - SQL Injection
Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/admins/assessments/examproper/exam-update.php.
CVSS 2.7
CVE-2026-36920 WRITEUP LOW
Online Reviewer System 1.0 - SQL Injection
Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system/admins/assessments/examproper/questions-view.php.
CVSS 2.7
CVE-2026-36922 WRITEUP LOW
Sourcecodester Cab Management System 1.0 - SQL Injection
Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php.
CVSS 2.7
CVE-2026-36923 WRITEUP LOW
Sourcecodester Cab Management System 1.0 - SQL Injection
Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view_booking.php.
CVSS 2.7
CVE-2026-36937 WRITEUP LOW
Online Resort Management System 1.0 - SQL Injection
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/reservations/view_details.php.
CVSS 2.7
CVE-2026-36938 WRITEUP LOW
Online Resort Management System 1.0 - SQL Injection
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/rooms/view_room.php.
CVSS 2.7
CVE-2026-36941 WRITEUP LOW
Online Resort Management System 1.0 - SQL Injection
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage_room.php.
CVSS 2.7
CVE-2026-36942 WRITEUP LOW
Online Resort Management System 1.0 - SQL Injection
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.
CVSS 2.7
CVE-2026-36943 WRITEUP LOW
Computer and Mobile Repair Shop Management System 1.0 - SQL Injection
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage_repair.php.
CVSS 2.7
CVE-2026-36944 WRITEUP LOW
Computer and Mobile Repair Shop Management System 1.0 - SQL Injection
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerale to SQL injection in the file/rsms/admin/repairs/view_details.php.
CVSS 2.7
CVE-2026-36945 WRITEUP LOW
Computer and Mobile Repair Shop Management System 1.0 - SQL Injection
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manage_client.php
CVSS 2.7
CVE-2026-36946 WRITEUP LOW
Computer and Mobile Repair Shop Management System 1.0 - SQL Injection
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/view_details.php.
CVSS 2.7
CVE-2026-36947 WRITEUP LOW
Computer and Mobile Repair Shop Management System 1.0 - SQL Injection
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view_service.php.
CVSS 2.7
CVE-2026-36948 WRITEUP HIGH
Online Thesis Archiving System 1.0 - SQL Injection
Sourcecodester Online Thesis Archiving System v1.0 is vulnerale to SQL injection in the file /otas/view_archive.php.
CVSS 7.3
CVE-2026-36950 WRITEUP LOW
Online Thesis Archiving System 1.0 - SQL Injection
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projects_per_department.php.
CVSS 2.7
CVE-2026-36952 WRITEUP LOW
Online Thesis Archiving System 1.0 - SQL Injection
Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php.
CVSS 2.7
CVE-2026-6100 WRITEUP HIGH
Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure
Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `MemoryError` and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling pointer in this specific error condition. The vulnerability is only present if the program re-uses decompressor instances across multiple decompression calls even after a `MemoryError` is raised during decompression. Using the helper functions to one-shot decompress data such as `lzma.decompress()`, `bz2.decompress()`, `gzip.decompress()`, and `zlib.decompress()` are not affected as a new decompressor instance is used per call. If the decompressor instance is not re-used after an error condition, this usage is similarly not vulnerable.
CVSS 8.1
CVE-2026-6186 WRITEUP HIGH
UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow
A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
CVSS 8.8
CVE-2026-6192 WRITEUP LOW
uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is 839936aa33eb8899bbbd80fda02796bb65068951. It is suggested to install a patch to address this issue.
CVSS 3.3
CVE-2026-6194 WRITEUP HIGH
Totolink A3002MU HTTP Request formWlanSetup sub_410188 stack-based overflow
A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
CVSS 8.8
CVE-2026-6195 WRITEUP CRITICAL
Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVSS 9.8
CVE-2026-6196 WRITEUP HIGH
Tenda F456 exeCommand fromexeCommand stack-based overflow
A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVSS 8.8
CVE-2025-60710 VULNCHECK_XDB HIGH
Host Process for Windows Tasks - Privilege Escalation
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
CVSS 7.8
CVE-2026-39987 NOMISEC CRITICAL
marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.
by fevar54
CVSS 9.8