11 matches found
CVE-2026-11476
A security vulnerability has been detected in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this issue is the function edit-admin of the file controllers/AdminController.php of the component Profile Update Endpoint. The manipulation of the argument...
CVE-2025-11476
A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to SQL injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-11476
A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to SQL injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
CVE-2025-11476 SourceCodester Simple E-Commerce Bookstore index.php sql injection
A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument loginusername leads to SQL injection. The attack may be initiated remotely. The exploit is publicly available and might be used...
CVE-2020-11476
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file...
CVE-2020-11476
Concrete5 before 8.5.3 is affected by an Unrestricted Upload of File with Dangerous Type vulnerability (e.g., .phar). The issue allows uploading dangerous files without proper validation, enabling potential remote code execution under the server context. Public sources (NVD, GHSA, OSV) corroborat...
CVE-2019-11476
CVE-2019-11476 covers an integer overflow in the Whoopsie service that leads to an out-of-bounds write to a heap-allocated buffer while processing large crash dumps. Affected software is the Whoopsie component on Ubuntu environments prior to the fixed versions: 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1,...
CVE-2019-11476 Integer overflow in whoopsie results in out-of-bounds heap write
An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process...
CVE-2018-11476
The CVE-2018-11476 entry concerns the Vgate iCar 2 Wi‑Fi OBD2 Dongle, where the device opens an unprotected WLAN that cannot be configured with encryption or a password. This allows anyone within WLAN range to join without authentication, constituting an authentication bypass risk in the affected...
Vgate iCar2 WiFi OBD2 Dongle Inadequate Access Protections
SEC Consult Vulnerability Lab Security Advisory. title: Unprotected WiFi access & Unencrypted data transfer; product: Vgate iCar 2 WiFi OBD2 Dongle; vulnerable version: Vgate iCar 2 WiFi OBD2 Dongle; fixed version: -; CVE number:...
nikkei225jp.com XSS vulnerability
Vulnerable URL: https://nikkei225jp.com/ssi/if/hs.php?c=%3C/script%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Patched: No; Latest check for patch: 09.10.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 11476; VIP website status:...