Skip to main content
CVE-2025-15224 LOW POC PATCH Monitor

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent. [CVSS 3.1 LOW]

SSH
NVD VulDB
CVSS 3.1
3.1
EPSS
0.1%
CVE-2026-0701 LOW POC Monitor

SQL injection in the admin panel of code-projects Intern Membership Management System 1.0 allows authenticated attackers with high privileges to manipulate the Username parameter in /intern/admin/add_admin.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations should restrict administrative access and consider implementing input validation controls or upgrading to a patched version when available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2026-0729 LOW POC Monitor

SQL injection in the Intern Membership Management System 1.0 add_activity.php file allows authenticated administrators to manipulate the Title parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables an authenticated attacker with high privileges to compromise data confidentiality and integrity.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0699 LOW POC Monitor

SQL injection in the Intern Membership Management System 1.0 admin panel allows authenticated attackers with high privileges to manipulate the activity_id parameter in edit_activity.php, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, though no patch is currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0697 LOW POC Monitor

SQL injection in the Intern Membership Management System 1.0 admin panel allows remote attackers with high privileges to manipulate the admin_id parameter in /intern/admin/edit_admin.php, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0728 LOW POC Monitor

SQL injection in the Intern Membership Management System 1.0 admin deletion function allows authenticated attackers with high privileges to manipulate the admin_id parameter and execute arbitrary database queries remotely. Public exploit code is available for this vulnerability, which affects PHP-based deployments. The vulnerability enables unauthorized data access, modification, and potential denial of service with no patch currently available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0698 LOW POC Monitor

SQL injection in the Intern Membership Management System 1.0 admin panel allows authenticated attackers with high privileges to manipulate the admin_id parameter in /intern/admin/edit_students.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling attackers to read, modify, or delete sensitive data. No patch is currently available to remediate this issue.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0730 LOW POC Monitor

Staff Leave Management System versions up to 1.0 is affected by cross-site scripting (xss) (CVSS 2.4).

XSS Staff Leave Management System
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-0747 LOW Monitor

Exposure of sensitive information in the TeamViewer entry dashboard component in Devolutions Remote Desktop Manager 2025.3.24.0 through 2025.3.28.0 on Windows allows an external observer to view a password on screen via a defective masking feature, for example during physical observation or screen sharing. [CVSS 3.3 LOW]

Windows
NVD
CVSS 3.1
3.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy