CVE-2025-10477

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/PriProfile/eligibility.php. Such manipulation of the argument Branch leads to sql injection. The attack can be launched...

CVE-2025-10477

creationtimestamp| type| source ---|---|--- 2025-09-15 21:00:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyvpabekvn2c...

CVE-2019-10477

The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions...

CVE-2024-10477

A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /adminpermissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-10477 LinZhaoguan pb-cms Permission Management Page admin#permissions cross site scripting

A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /adminpermissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2024-10477 LinZhaoguan pb-cms Permission Management Page admin#permissions cross site scripting

A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /adminpermissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The explo...

CVE-2020-10477

CVE-2020-10477 is a reflected Cross-Site Scripting vulnerability affecting Chadha PHPKB Standard Multi-Language 9. The issue occurs in admin/manage-news.php through the GET parameter sort , allowing injection of arbitrary web script or HTML. Root cause: insufficient sanitization of the sort param...

CVE-2019-10477

The CVE covers the FusionInventory plugin for GLPI, where versions before 1.4 (GLPI 9.3.x) and before 1.1 (GLPI 9.4.x) mishandle sendXML actions. The issue is tied to the plugin’s handling of XML-sending actions, with public references indicating available fixes in the same project’s GLPI branche...

CVE-2018-10477

Foxit Reader 9.0.0.29935 is affected by CVE-2018-10477 due to a parsing flaw in U3D Chain Index objects. The issue allows remote code execution via a malicious page or file, requiring user interaction, and is due to improper validation that can cause a write past the end of an allocated object. T...

CVE-2016-10477

CVE-2016-10477 corresponds to a buffer overflow in Android devices on Qualcomm Snapdragon mobile platforms when processing smart card requests. Affected devices include Qualcomm chipsets SD 210/212/205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 82...