Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 8 March 2026
RSS114 vulnerabilities published on 8 March 2026
Severity:
SourceCodester Client Database Management System: Unauthorized Access Risk
CVE-2026-3734
A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php ...
6.9
Shy2593666979 AgentChat Exposes User Data Remotely
CVE-2026-3693
A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function get_user_info/update_user_info of the file /src/backend/...
6.9
SourceCodester Employee Task Management System SQL Injection Risk
CVE-2026-3752
A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task...
5.1
SourceCodester Employee Task Management System allows SQL injection via date parameter
CVE-2026-3751
A vulnerability was detected in SourceCodester Employee Task Management System 1.0. Impacted is an unknown function of the file /daily-attendance-repo...
5.1
ContiNew Admin 4.2.0: Server-Side Request Forgery via Malicious URI
CVE-2026-3750
A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/m...
5.1
Simple Flight Ticket Booking System: SQL Injection via Admin Panel
CVE-2026-3711
A vulnerability was detected in code-projects Simple Flight Ticket Booking System 1.0. Affected is an unknown function of the file /Adminupdate.php. T...
5.1
Simple Flight Ticket Booking System SQL Injection Vulnerability
CVE-2026-3710
A security vulnerability has been detected in code-projects Simple Flight Ticket Booking System 1.0. This impacts an unknown function of the file /Adm...
5.1
Wavlink Firmware: Command Injection Risk Through Firewall Configuration
CVE-2026-3704
A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file /cgi-bin/firewall.cgi of the ...
5.1
UltraVNC on Windows can allow local malicious code execution
CVE-2026-3787
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows ...
7.3
SourceCodester Image Gallery: File Deletion Can Be Manipulated Remotely
CVE-2026-3695
A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulat...
6.9
suitenumerique messages 0.2.0: Unauthorized Access via Remote Attack
CVE-2026-3739
A security flaw has been discovered in suitenumerique messages 0.2.0. This issue affects the function ThreadAccessSerializer of the file src/backend/c...
5.3
SourceCodester Pet Grooming Software: Unauthorized Access to Financial Reports
CVE-2026-3738
A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the component Financ...
5.3
SourceCodester Pet Grooming Software Allows Unauthorized User Access
CVE-2026-3737
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file add_user.php of the co...
5.3
xuxueli xxl-job: Unauthenticated Server-Side Request Forgery Possible
CVE-2026-3733
A vulnerability was detected in xuxueli xxl-job up to 3.3.2. This impacts an unknown function of the file source-code/src/main/java/com/xxl/job/admin/...
5.3
SourceCodester Patients Waiting Area Queue Management System: Unauthorized Access Risk
CVE-2026-3724
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /chec...
5.3
Planet ICG-2510 1.0_20250811: Remote Code Execution through Language Configuration
CVE-2026-3697
A vulnerability was determined in Planet ICG-2510 1.0_20250811. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the com...
5.3
HotGo Image Upload May Allow Attackers to Forge Server Requests
CVE-2026-3683
A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/comm...
5.3
FFmate (Welovemedia) allows remote code injection up to version 2.0.15
CVE-2026-3682
A security vulnerability has been detected in welovemedia FFmate up to 2.0.15. This vulnerability affects the function Execute of the file /internal/s...
5.3
Simple Flight Ticket Booking System may allow hackers to inject malicious scripts
CVE-2026-3763
A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. The affected element is an unknown function of the file showhistor...
5.3
SourceCodester Loan Management System Can Be Hacked via Malicious Web Page Links
CVE-2026-3702
A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php...
5.3
SourceCodester Pharmacy Management System edit-profile.php XSS Attack Risk
CVE-2026-3766
A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file e...
5.1
SourceCodester Client Database Management System: Unauthorized User Deletion
CVE-2026-3761
A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user...
5.3
YiFang CMS 2.0.5 allows attackers to inject malicious code
CVE-2026-3743
A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/D_singlePageGroup.php. Executing a manipulation o...
5.1
YiFang CMS 2.0.5 Allows Unwanted Web Code Injection
CVE-2026-3742
A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/D_singlePage.php. Performing a ...
5.1
YiFang CMS 2.0.5 Allows Remote Attackers to Inject Malicious Code
CVE-2026-3741
A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/D_friendLink.php....
5.1