Vendor
Lonelyuan
Products
1
CVEs
12
Across products
12
Status
Private
Products
1- 12 CVEs
Recent CVEs
12| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-7130 | Hig | 0.47 | 7.3 | 0.00 | Apr 27, 2026 | A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. | |
| CVE-2026-7128 | Hig | 0.47 | 7.3 | 0.00 | Apr 27, 2026 | A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_type. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |
| CVE-2026-5829 | Hig | 0.47 | 7.3 | 0.00 | Apr 9, 2026 | A vulnerability was determined in code-projects Simple IT Discussion Forum 1.0. The impacted element is an unknown function of the file /pages/content.php. This manipulation of the argument post_id causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | |
| CVE-2026-5828 | Hig | 0.47 | 7.3 | 0.00 | Apr 9, 2026 | A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /functions/addcomment.php. The manipulation of the argument postid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used. | |
| CVE-2026-5827 | Hig | 0.47 | 7.3 | 0.00 | Apr 9, 2026 | A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /question-function.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2026-5824 | Hig | 0.47 | 7.3 | 0.00 | Apr 9, 2026 | A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | |
| CVE-2026-7129 | Med | 0.28 | 4.3 | 0.00 | Apr 27, 2026 | A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used. | |
| CVE-2026-5826 | Med | 0.28 | 4.3 | 0.00 | Apr 9, 2026 | A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used. | |
| CVE-2026-5825 | Med | 0.28 | 4.3 | 0.00 | Apr 9, 2026 | A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and may be used. | |
| CVE-2026-5836 | Low | 0.16 | 2.4 | 0.00 | Apr 9, 2026 | A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_product.php. The manipulation of the argument product_name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |
| CVE-2026-5835 | Low | 0.16 | 2.4 | 0.00 | Apr 9, 2026 | A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Executing a manipulation of the argument product_name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used. | |
| CVE-2026-5834 | Low | 0.16 | 2.4 | 0.00 | Apr 9, 2026 | A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_running.php. Performing a manipulation of the argument product_name results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and may be used. |