{
"Source": "CVE FEED",
"Title": "CVE-2026-2171 - code-projects Online Student Management System Login accounts.php sql injection",
"Content": "CVE ID : CVE-2026-2171
Published : Feb. 8, 2026, 7:16 p.m. | 41 minutes ago
Description : A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2171 - code-projects Online Student Management System Login accounts.php sql injection",
"Content": "CVE ID : CVE-2026-2171
Published : Feb. 8, 2026, 7:16 p.m. | 41 minutes ago
Description : A vulnerability was found in code-projects Online Student Management System 1.0. Affected is an unknown function of the file accounts.php of the component Login. Performing a manipulation of the argument username/password results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2188 - UTT θΏε 521G formPdbUpConfig sub_446B18 os command injection",
"Content": "CVE ID : CVE-2026-2188
Published : Feb. 8, 2026, 9:32 p.m. | 28 minutes ago
Description : A vulnerability was determined in UTT θΏε 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2188 - UTT θΏε 521G formPdbUpConfig sub_446B18 os command injection",
"Content": "CVE ID : CVE-2026-2188
Published : Feb. 8, 2026, 9:32 p.m. | 28 minutes ago
Description : A vulnerability was determined in UTT θΏε 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2187 - Tenda RX3 formSetQosBand set_qosMib_list stack-based overflow",
"Content": "CVE ID : CVE-2026-2187
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2187 - Tenda RX3 formSetQosBand set_qosMib_list stack-based overflow",
"Content": "CVE ID : CVE-2026-2187
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2185 - Tenda RX3 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow",
"Content": "CVE ID : CVE-2026-2185
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2185 - Tenda RX3 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow",
"Content": "CVE ID : CVE-2026-2185
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2186 - Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow",
"Content": "CVE ID : CVE-2026-2186
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2186 - Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow",
"Content": "CVE ID : CVE-2026-2186
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2184 - Great Developers Certificate Generation System csv.php os command injection",
"Content": "CVE ID : CVE-2026-2184
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The code repository of the project has not been active for many years.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2184 - Great Developers Certificate Generation System csv.php os command injection",
"Content": "CVE ID : CVE-2026-2184
Published : Feb. 8, 2026, 9:15 p.m. | 44 minutes ago
Description : A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The code repository of the project has not been active for many years.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2182 - UTT θΏε 521G setSysAdm doSystem command injection",
"Content": "CVE ID : CVE-2026-2182
Published : Feb. 8, 2026, 8:15 p.m. | 1 hour, 44 minutes ago
Description : A weakness has been identified in UTT θΏε 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2182 - UTT θΏε 521G setSysAdm doSystem command injection",
"Content": "CVE ID : CVE-2026-2182
Published : Feb. 8, 2026, 8:15 p.m. | 1 hour, 44 minutes ago
Description : A weakness has been identified in UTT θΏε 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2183 - Great Developers Certificate Generation System csv.php unrestricted upload",
"Content": "CVE ID : CVE-2026-2183
Published : Feb. 8, 2026, 8:15 p.m. | 1 hour, 44 minutes ago
Description : A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Remote exploitation of the attack is possible. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The code repository of the project has not been active for many years.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2183 - Great Developers Certificate Generation System csv.php unrestricted upload",
"Content": "CVE ID : CVE-2026-2183
Published : Feb. 8, 2026, 8:15 p.m. | 1 hour, 44 minutes ago
Description : A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Remote exploitation of the attack is possible. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The code repository of the project has not been active for many years.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "08 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2195 - code-projects Online Reviewer System questions-view.php sql injection",
"Content": "CVE ID : CVE-2026-2195
Published : Feb. 8, 2026, 11:32 p.m. | 28 minutes ago
Description : A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2195 - code-projects Online Reviewer System questions-view.php sql injection",
"Content": "CVE ID : CVE-2026-2195
Published : Feb. 8, 2026, 11:32 p.m. | 28 minutes ago
Description : A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2194 - D-Link DI-7100G C1 start_proxy_client_email command injection",
"Content": "CVE ID : CVE-2026-2194
Published : Feb. 8, 2026, 11:32 p.m. | 28 minutes ago
Description : A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client_email. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2194 - D-Link DI-7100G C1 start_proxy_client_email command injection",
"Content": "CVE ID : CVE-2026-2194
Published : Feb. 8, 2026, 11:32 p.m. | 28 minutes ago
Description : A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client_email. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2191 - Tenda AC9 formGetDdosDefenceList stack-based overflow",
"Content": "CVE ID : CVE-2026-2191
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2191 - Tenda AC9 formGetDdosDefenceList stack-based overflow",
"Content": "CVE ID : CVE-2026-2191
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2192 - Tenda AC9 formGetRebootTimer stack-based overflow",
"Content": "CVE ID : CVE-2026-2192
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2192 - Tenda AC9 formGetRebootTimer stack-based overflow",
"Content": "CVE ID : CVE-2026-2192
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2193 - D-Link DI-7100G C1 set_jhttpd_info command injection",
"Content": "CVE ID : CVE-2026-2193
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A vulnerability was detected in D-Link DI-7100G C1 24.04.18D1. Affected by this issue is the function set_jhttpd_info. Performing a manipulation of the argument usb_username results in command injection. Remote exploitation of the attack is possible.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2193 - D-Link DI-7100G C1 set_jhttpd_info command injection",
"Content": "CVE ID : CVE-2026-2193
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A vulnerability was detected in D-Link DI-7100G C1 24.04.18D1. Affected by this issue is the function set_jhttpd_info. Performing a manipulation of the argument usb_username results in command injection. Remote exploitation of the attack is possible.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2190 - itsourcecode School Management System controller.php sql injection",
"Content": "CVE ID : CVE-2026-2190
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controller.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2190 - itsourcecode School Management System controller.php sql injection",
"Content": "CVE ID : CVE-2026-2190
Published : Feb. 8, 2026, 11:15 p.m. | 44 minutes ago
Description : A security flaw has been discovered in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controller.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2189 - itsourcecode School Management System index.php sql injection",
"Content": "CVE ID : CVE-2026-2189
Published : Feb. 8, 2026, 10:15 p.m. | 1 hour, 44 minutes ago
Description : A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2189 - itsourcecode School Management System index.php sql injection",
"Content": "CVE ID : CVE-2026-2189
Published : Feb. 8, 2026, 10:15 p.m. | 1 hour, 44 minutes ago
Description : A vulnerability was identified in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2198 - code-projects Online Reviewer System loaddata.php sql injection",
"Content": "CVE ID : CVE-2026-2198
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficulty_id leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2198 - code-projects Online Reviewer System loaddata.php sql injection",
"Content": "CVE ID : CVE-2026-2198
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficulty_id leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2199 - code-projects Online Reviewer System user-delete.php sql injection",
"Content": "CVE ID : CVE-2026-2199
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2199 - code-projects Online Reviewer System user-delete.php sql injection",
"Content": "CVE ID : CVE-2026-2199
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2196 - code-projects Online Reviewer System exam-update.php sql injection",
"Content": "CVE ID : CVE-2026-2196
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulation of the argument test_id results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2196 - code-projects Online Reviewer System exam-update.php sql injection",
"Content": "CVE ID : CVE-2026-2196
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was found in code-projects Online Reviewer System 1.0. This issue affects some unknown processing of the file /system/system/admins/assessments/pretest/exam-update.php. The manipulation of the argument test_id results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2197 - code-projects Online Reviewer System exam-delete.php sql injection",
"Content": "CVE ID : CVE-2026-2197
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument test_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2197 - code-projects Online Reviewer System exam-delete.php sql injection",
"Content": "CVE ID : CVE-2026-2197
Published : Feb. 9, 2026, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was determined in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/admins/assessments/pretest/exam-delete.php. This manipulation of the argument test_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2201 - ZeroWdd studentmanager LeaveController.java addLeave cross site scripting",
"Content": "CVE ID : CVE-2026-2201
Published : Feb. 9, 2026, 1:02 a.m. | 59 minutes ago
Description : A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The code repository of the project has not been active for many years.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2201 - ZeroWdd studentmanager LeaveController.java addLeave cross site scripting",
"Content": "CVE ID : CVE-2026-2201
Published : Feb. 9, 2026, 1:02 a.m. | 59 minutes ago
Description : A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The code repository of the project has not been active for many years.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
{
"Source": "CVE FEED",
"Title": "CVE-2026-2200 - heyewei JFinalCMS API Endpoint save cross site scripting",
"Content": "CVE ID : CVE-2026-2200
Published : Feb. 9, 2026, 1:02 a.m. | 59 minutes ago
Description : A weakness has been identified in heyewei JFinalCMS 5.0.0. This affects an unknown function of the file /admin/admin/save of the component API Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ
"Source": "CVE FEED",
"Title": "CVE-2026-2200 - heyewei JFinalCMS API Endpoint save cross site scripting",
"Content": "CVE ID : CVE-2026-2200
Published : Feb. 9, 2026, 1:02 a.m. | 59 minutes ago
Description : A weakness has been identified in heyewei JFinalCMS 5.0.0. This affects an unknown function of the file /admin/admin/save of the component API Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "09 Feb 2026",
"Type": "Vulnerability"
}
πΉ t.me/cvedetector πΉ