Aggregator

CVE-2026-1147 | SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0 api_patient_schedule.php Reason cross site scripting

VulDB Recent Entries
5 months ago
A vulnerability classified as problematic has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/api_patient_schedule.php. Performing a manipulation of the argument Reason results in cross site scripting. This vulnerability is cataloged as CVE-2026-1147. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-1146 | SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0 api_register_patient.php firstName/lastName cross site scripting

VulDB Recent Entries
5 months ago
A vulnerability described as problematic has been identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /php/api_register_patient.php. Such manipulation of the argument firstName/lastName leads to cross site scripting. This vulnerability is listed as CVE-2026-1146. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

SOAR落地实践分享

信息安全知识库
5 months ago
本文链接


《SOAR落地实践》介绍平安科技5年来将“安全编排、自动化与响应”平台化的经验:以“自动炒菜机”理念把钓鱼研判、IP封堵、离职终端策略加固、资产富化与电话告警5大高频场景压缩至分钟级闭环,实现无人值守T+5分钟处置。分享给出SOAR选型关键——APP生态、剧本丰富度、总拥有成本与同行业案例,并剖析剧本设计、白名单校验、审批节点与重拨机制等落地细节,为准备建设或优化SOAR的团队提供可直接复用的参考模板。

CVE-2026-1145 | quickjs-ng quickjs up to 0.11.0 quickjs.c js_typed_array_constructor_ta heap-based overflow (Issue 1305)

VulDB Recent Entries
5 months ago
A vulnerability marked as critical has been reported in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function js_typed_array_constructor_ta of the file quickjs.c. This manipulation causes heap-based buffer overflow. This vulnerability is tracked as CVE-2026-1145. The attack is possible to be carried out remotely. Moreover, an exploit is present. It is suggested to install a patch to address this issue.
vuldb.com

CVE-2026-1144 | quickjs-ng quickjs up to 0.11.0 Atomics Ops quickjs.c use after free (1301/1302)

VulDB Recent Entries
5 months ago
A vulnerability labeled as critical has been found in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. This vulnerability is identified as CVE-2026-1144. The attack can be executed remotely. Additionally, an exploit exists. Applying a patch is advised to resolve this issue.
vuldb.com

Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs
5 months ago
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure […]
Pierluigi Paganini

CVE-2026-1119 | itsourcecode Society Management System 1.0 delete_activity.php activity_id sql injection

Vuldb Updates
5 months ago
A vulnerability described as critical has been identified in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. This vulnerability is registered as CVE-2026-1119. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

Managed ad