By weakness (CWE)
CWE-74: related vulnerabilities
CVEs classified under CWE-74. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
124 published vulnerabilities · page 2 of 2
- CVE-2026-11506MEDIUM 6.3
CodeAstro Leave Management System version 1.0 contains a SQL injection vulnerability in its staff deletion search functionality. An authenticated attacker can manipulate the Name parameter in the /admin/search_staff_for_deletion.php file to inject malicious SQL commands. This could allow unauthorized access to sensitive database information, modification of records, or disruption of the system. The vulnerability requires an authenticated login but poses a meaningful risk in environments where user accounts are shared or weak credential hygiene exists.
- CVE-2026-11507MEDIUM 6.3
A SQL injection vulnerability exists in CodeAstro Leave Management System version 1.0 that allows authenticated users to manipulate the leave_type parameter in the admin delete function, potentially extracting or modifying database information. The flaw requires valid login credentials but no additional user interaction, and public exploit code is available.
- CVE-2026-11508MEDIUM 6.3
CodeAstro Leave Management System version 1.0 contains a SQL injection vulnerability in its staff assignment search functionality. An authenticated attacker can manipulate the Name parameter in the /admin/search_staff_to_assign_pc.php file to inject malicious SQL commands. This allows remote exploitation without user interaction and poses a direct risk to database confidentiality, integrity, and availability. Public disclosure of this vulnerability means active exploitation is possible.
- CVE-2026-11509MEDIUM 6.3
CodeAstro Leave Management System version 1.0 contains a SQL injection vulnerability in its staff search functionality. An authenticated user can manipulate the Name parameter in the /admin/search_staff_for_updation.php file to inject arbitrary SQL commands, potentially reading or modifying sensitive employee and leave data. The vulnerability requires valid login credentials but poses a meaningful risk to organizations using this system, as it could enable unauthorized data access or manipulation by internal actors.
- CVE-2026-11510MEDIUM 6.3
CodeAstro Leave Management System version 1.0 contains a SQL injection vulnerability in its administrative interface. An authenticated attacker can manipulate the type_of_leave parameter when submitting leave requests through /admin/add_leave.php to inject malicious SQL commands. This allows unauthorized reading, modification, or deletion of database records. The vulnerability requires valid administrative credentials to exploit, but public exploit code is now available, increasing the practical risk.
- CVE-2026-11513MEDIUM 6.3
A SQL injection vulnerability exists in itsourcecode Hospital Management System version 1.0 within the adminaccount.php file. An authenticated attacker can manipulate the Date parameter to inject arbitrary SQL commands, potentially compromising data confidentiality, integrity, and availability. The vulnerability requires valid login credentials but can be exploited over the network. Public exploits are available.
- CVE-2026-11514MEDIUM 6.3
itsourcecode Hospital Management System version 1.0 contains a SQL injection vulnerability in the patient admission form. An authenticated attacker can manipulate the admission time parameter in the /addpatient.php file to inject malicious SQL commands, potentially reading, modifying, or deleting database records. The vulnerability requires valid user credentials but can be exploited remotely with no additional user interaction.
- CVE-2026-11529MEDIUM 6.3
A SQL injection vulnerability exists in the mysql-mcp-server component (versions up to 0.2.2) that allows authenticated users to execute arbitrary SQL commands by manipulating URI parameters. An attacker with valid credentials can read, modify, or delete database records. The vulnerability has been publicly disclosed, increasing immediate risk. Upgrading to version 0.3.0 eliminates the issue.
- CVE-2026-11558MEDIUM 6.3
CodeAstro Payroll System version 1.0 contains a SQL injection vulnerability in the /home_salary.php file. An authenticated attacker can manipulate the rate or salary_rate parameter to inject malicious SQL commands, potentially allowing them to read, modify, or delete sensitive payroll data. The vulnerability requires a valid user login but can be exploited over the network without user interaction once authenticated.
- CVE-2026-11559MEDIUM 6.3
A SQL injection vulnerability exists in CodeAstro Payroll System version 1.0 that allows authenticated users to manipulate database queries through the ID parameter in the /view_account.php file. An attacker with valid credentials can inject malicious SQL commands to access, modify, or delete sensitive payroll data. The vulnerability is network-accessible and does not require additional user interaction, though authentication is required. Public exploits are now available, increasing the risk of active exploitation.
- CVE-2026-11583MEDIUM 6.3
CodeAstro Student Attendance Management System version 1.0 contains a SQL injection vulnerability in the class creation administrative function. An authenticated attacker can manipulate the className input parameter to inject malicious SQL commands, potentially reading, modifying, or deleting database records. The vulnerability requires valid login credentials but can be exploited over the network without additional user interaction.
- CVE-2026-11584MEDIUM 6.3
A SQL injection vulnerability exists in CodeAstro Student Attendance Management System version 1.0 that allows authenticated users to manipulate a parameter in the class editing interface and execute arbitrary database commands. An attacker with login credentials can inject malicious SQL through the ID argument to read, modify, or delete sensitive student and attendance data. The vulnerability is network-accessible and exploit code has been publicly disclosed, increasing the practical attack surface.
- CVE-2026-11585MEDIUM 6.3
CodeAstro Student Attendance Management System version 1.0 contains a SQL injection vulnerability in its class management functionality. An authenticated attacker can manipulate the classId parameter in the createClassArms.php file to inject malicious SQL commands, potentially allowing unauthorized access to or modification of the database. The vulnerability requires user authentication but can be exploited remotely without user interaction.
- CVE-2026-10222MEDIUM 5.6
A vulnerability exists in NousResearch's hermes-agent software that allows attackers to inject malicious code through improper sanitization of environment variables. The flaw resides in the configuration parsing logic and can be exploited remotely, though successful exploitation requires substantial technical knowledge and effort. While a public exploit exists, the attack surface is limited by high complexity requirements. This is a medium-severity issue affecting versions up to 2026.4.30.
- CVE-2026-10688MEDIUM 5.5
A code injection vulnerability exists in ahujasid blender-mcp, a tool used for integrating Blender with model context protocol systems. An authenticated attacker can inject and execute arbitrary code by manipulating the 'code' parameter passed to the execute_blender_code function in the server. The vulnerability has been publicly disclosed and exploit code is available. The project uses rolling releases, making it difficult to identify fixed versions; however, the maintainers have been notified but have not yet responded with a patch or mitigation guidance.
- CVE-2026-11487MEDIUM 5.3
Neovim versions up to 0.12.2 contain a command injection vulnerability in the secure.lua module's path-handling function. An authenticated local attacker can manipulate the path argument to execute arbitrary commands with the privileges of the Neovim process. The vulnerability requires local access and user-level privileges, making it a risk primarily in multi-user systems or environments where untrusted users have shell access to machines running Neovim.
- CVE-2026-11455MEDIUM 5.0
MetaGPT versions up to 0.8.2 contain a command injection vulnerability in the common utility module. An authenticated attacker can manipulate the mermaid.path argument to inject arbitrary system commands, potentially leading to unauthorized code execution. The flaw requires significant technical knowledge to exploit and has become public, increasing risk posture for organizations running affected versions.
- CVE-2026-10155MEDIUM 4.7
A SQL injection vulnerability exists in Bdtask Multi-Store Inventory Management System version 1.0 within the Accounts Report Handler. An authenticated attacker can manipulate the 'dtpToDate' parameter in the accounts report search function to inject malicious SQL commands. While the vulnerability requires high privileges to exploit, successful attacks could leak sensitive financial data, modify account records, or disrupt reporting functionality. Public exploit code is available, increasing real-world risk.
- CVE-2026-10171MEDIUM 4.7
A SQL injection vulnerability exists in code-projects Online Music Site version 1.0 that allows authenticated administrators to manipulate the ID parameter in the album update functionality. An attacker with admin credentials can inject malicious SQL commands through the /Administrator/PHP/AdminUpdateAlbum.php endpoint, potentially compromising database integrity and confidentiality. The vulnerability has been publicly disclosed and exploit code is available, increasing the likelihood of active exploitation.
- CVE-2026-10237MEDIUM 4.7
A SQL injection vulnerability was identified in SourceCodester Water Billing Management System version 1.0. An authenticated administrator can manipulate the ID parameter in the user management interface to inject malicious SQL commands, potentially reading or modifying sensitive database records. The vulnerability requires administrative privileges to exploit but poses a risk to data integrity and confidentiality within billing systems. Public proof-of-concept code exists, elevating the practical risk of exploitation.
- CVE-2026-10248MEDIUM 4.7
SourceCodester's Pharmacy Sales and Inventory System version 1.0 and earlier contains a CSV injection vulnerability in its supplier creation interface. An authenticated attacker with high privileges can inject malicious CSV formulas through the Address or Company Name fields when exporting supplier data, potentially causing data corruption, formula execution, or information disclosure when a user opens the exported file in a spreadsheet application.
- CVE-2026-11448MEDIUM 4.7
GL.iNet GL-MT3000 routers running firmware version 4.4.5 and earlier contain a command injection flaw in the Minidlna service. An authenticated remote attacker can manipulate a specific parameter to inject arbitrary commands, potentially allowing them to execute code on the device. The vulnerability requires administrative privileges to exploit and has been resolved in firmware version 4.7 through enhanced input validation added to the SDK.
- CVE-2026-10661MEDIUM 4.3
A vulnerability in the blender-mcp project allows an authenticated attacker to inject malicious input through the input_image_url parameter in the Open function of src/blender_mcp/server.py. Because authentication is required and the vulnerability only exposes limited information (not enabling code execution or system availability impact), the overall risk is moderate. However, the public disclosure means exploitation techniques are now accessible to threat actors.
- CVE-2026-11511LOW 3.5
Bolt CMS versions up to 3.7.5 contain a vulnerability in how it handles HTML attributes within text fields. An authenticated attacker can manipulate the 'style' argument to inject arbitrary HTML code, potentially affecting the visual presentation or behavior of a web page. The vulnerability requires user interaction (a user must view the injected content) and authentication, limiting its immediate risk. However, because Bolt CMS is no longer actively maintained, affected organizations should plan transitions away from this platform.