Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,791
Quick preset (or use dates below)
Clear Filters
Showing 10,141 - 10,160 of 14,108 CVEs
CVE-2026-3746 HIGH - 7.3

A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may be...

Vendor: oretnom23
Product: simple_responsive_tourism_website
Published: Mar 08, 2026
Source: NVD
CVE-2026-3744 HIGH - 7.3

A vulnerability has been found in code-projects Student Web Portal 1.0. This impacts the function valreg_passwdation of the file signup.php. The manipulation of the argument reg_passwd leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

Vendor: carmelo
Product: student_web_portal
Published: Mar 08, 2026
Source: NVD
CVE-2026-3740 HIGH - 7.3

A weakness has been identified in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_search_student.php. This manipulation of the argument admin_search_student causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

Vendor: angeljudesuarez
Product: university_management_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3736 HIGH - 7.3

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this issue is some unknown functionality of the file SearchResultRoundtrip.php. Performing a manipulation of the argument from results in sql injection. The attack may be initiated remotely. The exploit h...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3735 HIGH - 7.3

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit has ...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3734 HIGH - 7.3

A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The explo...

Vendor: lerouxyxchire
Product: client_database_management_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3732 HIGH - 8.8

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly a...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3730 HIGH - 7.3

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/mod_amenities/index.php?view=edit. Performing a manipulation of the argument amen_id/rmtype_id results in sql injection. The attack is possible ...

Vendor: itsourcecode
Product: free_hotel_reservation_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3729 HIGH - 8.8

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and mig...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3728 HIGH - 8.8

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disc...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3727 HIGH - 8.8

A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3726 HIGH - 8.8

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the p...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3723 HIGH - 7.3

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /Admindelete.php. The manipulation of the argument flightno results in sql injection. The attack may be performed from remote. The exploit has been released to t...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3715 HIGH - 8.8

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made publi...

Vendor: wavlink
Product: wl-wn579x3-c_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3709 HIGH - 7.3

A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available t...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3708 HIGH - 7.3

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been re...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3705 HIGH - 7.3

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno results in sql injection. It is possible to launch the attack remotely. The exploit has been made pub...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3701 HIGH - 8.8

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclose...

Vendor: h3c
Product: magic_b1_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3700 HIGH - 8.8

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be ...

Vendor: utt
Product: 810g_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3699 HIGH - 8.8

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

Vendor: utt
Product: 810g_firmware
Published: Mar 08, 2026
Source: NVD