6.9
CVE-2026-6152 - code-projects Vehicle Showroom Management System StaffAddingFunction.php sql injection
A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the argument STAFF_ID causes sql injection. The attack can be initiated remotely. The exploit has been pβ¦
6.3
CVE-2026-6179 - Stored Cross Site Scripting in NightWolf Penetration Testing Platform
Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser
6.9
CVE-2026-6151 - code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMER_ID results in sql injection. It is possible to launch the attack remotely. The exploit haβ¦
5.3
CVE-2026-6150 - code-projects Simple Laundry System checkupdatestatus.php cross site scripting
A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to theβ¦
6.9
CVE-2026-6149 - code-projects Vehicle Showroom Management System BookVehicleFunction.php sql injection
A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCH_ID can lead to sql injection. The attack may be performed from remote. The eβ¦
6.9
CVE-2026-6148 - code-projects Vehicle Showroom Management System MonthTotalReportUpdateFunction.php sql injection
A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. Performing a manipulation of the argument BRANCH_ID results in sql injection. The attack is possibleβ¦
5.3
CVE-2026-6143 - farion1231 cc-switch ProxyServer server.rs cross-domain policy
A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer. The manipulation results in permissive cross-domain policy with untrusted domains. The attack can beβ¦
0.0
CVE-2026-6175 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.9
CVE-2026-6142 - tushar-2223 Hotel Management System roomdelete.php sql injection
A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/roomdelete.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the β¦
6.2
CVE-2026-25204 - Denial of Service via Untrusted Data Deserialization in Samsung Escargot
Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior toΒ commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335