Service Provider Security Vulnerabilities
A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file system_info/index.php of the component System Info Page. The manipulation of the argument System Name/System Short...
2.4CVSS
3.6AI Score
0.0004EPSS
8.8CVSS
7.5AI Score
0.001EPSS
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server in communication between the management agent and its components, under certain conditions, it is possible to perform Remote Code Execution (RCE) on the VSPC server...
9.9CVSS
7.4AI Score
0.0004EPSS
8.8CVSS
9.2AI Score
0.0004EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
8.8AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.0004EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.001EPSS
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass...
8.7CVSS
9.1AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.033EPSS
8.8CVSS
9.2AI Score
0.05EPSS
8.8CVSS
8.8AI Score
0.061EPSS
A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider....
7.5CVSS
7.3AI Score
0.001EPSS
An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges via the ID parameter in the /php-spms/admin/?page=user/...
9.8CVSS
9.4AI Score
0.001EPSS
Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user...
5.4CVSS
5.8AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.026EPSS
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=save_inquiry. The manipulation of the argument id leads to sql injection. The attack can be initiated...
9.8CVSS
9.6AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.029EPSS
Sourcecodester Service Provider Management System v1.0 is vulnerable to SQL Injection via the ID parameter in...
9.8CVSS
9.7AI Score
0.003EPSS
A vulnerability, which was classified as critical, was found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file view_service.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit.....
7.2CVSS
7.3AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Service Provider Management System 1.0. Affected by this issue is some unknown functionality of the file view.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely....
8.8CVSS
8.8AI Score
0.002EPSS
A vulnerability classified as critical has been found in SourceCodester Service Provider Management System 1.0. This affects an unknown part of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely.....
8.8CVSS
8.8AI Score
0.002EPSS
5.9CVSS
6.1AI Score
0.002EPSS
A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched...
5.4CVSS
5.3AI Score
0.001EPSS
A vulnerability classified as problematic has been found in SourceCodester Service Provider Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The...
5.4CVSS
5.3AI Score
0.001EPSS
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/inquiries/view_inquiry.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
9.8CVSS
9.6AI Score
0.006EPSS
A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_inquiry. The manipulation leads to improper authorization. The attack may be launched...
9.8CVSS
9.3AI Score
0.005EPSS
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/services/manage_service.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...
9.8CVSS
9.6AI Score
0.006EPSS
A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/user/manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely....
9.8CVSS
9.6AI Score
0.006EPSS
A vulnerability has been found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=save_service of the component HTTP POST Request Handler. The manipulation of the argument....
9.8CVSS
9.6AI Score
0.006EPSS
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification...
8.8CVSS
9.4AI Score
0.019EPSS
IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. Queue Provider credentials are not obfuscated while editing queue provider details. IBM X-Force ID: ...
6.5CVSS
6.3AI Score
0.001EPSS