5.3
CVE-2026-4572 - SourceCodester Sales and Inventory System HTTP POST Request view_product.php sql injection
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /view_product.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack maโฆ
5.3
CVE-2026-4571 - SourceCodester Sales and Inventory System HTTP POST Request view_payments.php sql injection
A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_payments.php of the component HTTP POST Request Handler. Performing a manipulation of the argument searchtxt results in sql injection. Tโฆ
5.3
CVE-2026-4570 - SourceCodester Sales and Inventory System HTTP POST Request view_customers.php sql injection
A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /view_customers.php of the component HTTP POST Request Handler. Such manipulation of the argument searchtxt leads to sql injection. The attack can be executed remotely. The eโฆ
5.3
CVE-2026-4569 - SourceCodester Sales and Inventory System HTTP POST Request view_category.php sql injection
A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This impacts an unknown function of the file /view_category.php of the component HTTP POST Request Handler. This manipulation of the argument searchtxt causes sql injection. Remote exploitation of the attack is possiblโฆ
5.3
CVE-2026-4568 - SourceCodester Sales and Inventory System HTTP GET Request update_supplier.php sql injection
A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /update_supplier.php of the component HTTP GET Request Handler. The manipulation of the argument sid results in sql injection. The attack may be launched remotely. The exploit haโฆ
9.3
CVE-2026-4567 - Tenda A15 UploadCfg stack-based overflow
A vulnerability has been found in Tenda A15 15.13.07.13. The impacted element is the function UploadCfg of the file /cgi-bin/UploadCfg. The manipulation of the argument File leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and โฆ
8.7
CVE-2026-4566 - Belkin F9K1122 formWISP5G stack-based overflow
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be uโฆ
10
CVE-2026-4606 - GeoVision ERM Improper Privilege Assignment Leads to SYSTEM-Level Privilege
GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system.ย During installation, ERM creates a Windows service that runs under the LocalSystem account.ย When the ERM application โฆ
8.7
CVE-2026-4565 - Tenda AC21 SetNetControlList formSetQosBand buffer overflow
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
6.1
CVE-2026-4647 - Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library
A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause โฆ