CVE-2025-13260
A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUnit leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to t...
CVE-2025-13260 Campcodes Supplier Management System edit_product.php sql injection
A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUnit leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to t...
CVE-2025-13260
The vulnerability CVE-2025-13260 affects Campcodes Supplier Management System 1.0. It arises from improper handling of the cmbProductUnit parameter in the file /manufacturer/edit_product.php, enabling SQL injection. The issue is exploitable remotely and has been publicly disclosed. Connected sour...
CVE-2019-13260
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327a07...
CVE-2024-13260 Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery. This issue affects Migrate queue importer: from 0.0.0 before 2.1.1...
CVE-2020-13260
A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as th...
CVE-2020-13260
The CVE-2020-13260 entry concerns RAD SecFlow-1v web-based management interface (SF_0290_2.3.01.26). A vulnerability allows an authenticated attacker to upload a JavaScript file as a stored XSS payload, which is saved in the system as an OVPN config or a static key file. The payload executes when...
Cross-site request forgery (CSRF)
A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on a...
CVE-2020-13259
A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on a...
RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Scripting
Exploit Title: RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting Date: 2020-08-31 Exploit Author: Jonatan Schor and Uriel Yochpaz Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF_0290_2.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A A...
RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting
Exploit Title: RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting Date: 2020-08-31 Exploit Author: Jonatan Schor and Uriel Yochpaz Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF_0290_2.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A A...
CVE-2019-13260
CVE-2019-13260 affects XnView Classic 2.48. The documented issue is a User Mode Write AV starting at xnview+0x0000000000327a07, described as a buffer overflow in CNVD-2019-22456 and echoed across multiple feeds. The Red Hat and NVD entries reproduce the vulnerability’s existence but do not provid...
CVE-2018-13260
CVE-2018-13260 is rejected and not used as an active vulnerability entry.
CVE-2017-13260
CVE-2017-13260 is an information disclosure flaw in Android Bluetooth’s BNEP implementation. In bnep_data_ind of bnep_main.cc, a missing bounds check enables a possible out-of-bounds read, allowing remote disclosure without user interaction. Affected Android versions include 5.1.1, 6.0, 6.0.1, 7....