
17 matches found

OSV
added 2025/11/17 4:15 a.m., 2 views

CVE-2025-13260

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUnit leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to t...

8.8 CVSS, 5.8 AI score
Exploits: 0, References: 6

Vulnrichment
added 2025/11/17 3:02 a.m., 2 views

CVE-2025-13260 Campcodes Supplier Management System edit_product.php sql injection

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUnit leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to t...

6.5 CVSS, 6.4 AI score, 0.00271 EPSS
Exploits: 1, References: 6

Cvelist
added 2025/11/17 3:02 a.m., 9 views

CVE-2025-13260 Campcodes Supplier Management System edit_product.php sql injection

A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUnit leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to t...

6.5 CVSS, 0.00271 EPSS
Exploits: 1, References: 6

CVE
added 2025/11/17 3:02 a.m., 16 views

CVE-2025-13260

The vulnerability CVE-2025-13260 affects Campcodes Supplier Management System 1.0. It arises from improper handling of the cmbProductUnit parameter in the file /manufacturer/edit_product.php, enabling SQL injection. The issue is exploitable remotely and has been publicly disclosed. Connected sour...

8.8 CVSS, 6.5 AI score, 0.00271 EPSS
Exploits: 1, References: 6, Affected Software: 1

RedhatCVE
added 2025/05/22 7:13 a.m., 6 views

CVE-2019-13260

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327a07...

7.8 CVSS, 7 AI score, 0.01215 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2025/01/09 7:12 p.m., 24 views

CVE-2024-13260 Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery. This issue affects Migrate queue importer: from 0.0.0 before 2.1.1...

7 AI score, 0.00189 EPSS
Exploits: 0, References: 1

OSV
added 2020/09/17 8:15 p.m., 3 views

CVE-2020-13260

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as th...

6.1 CVSS, 6.8 AI score, 0.01982 EPSS
Exploits: 5, References: 3

CVE
added 2020/09/17 7:49 p.m., 81 views

CVE-2020-13260

The CVE-2020-13260 entry concerns RAD SecFlow-1v web-based management interface (SF_0290_2.3.01.26). A vulnerability allows an authenticated attacker to upload a JavaScript file as a stored XSS payload, which is saved in the system as an OVPN config or a static key file. The payload executes when...

6.1 CVSS, 6.8 AI score, 0.01982 EPSS
Exploits: 5, References: 3, Affected Software: 1

Prion
added 2020/09/16 7:15 p.m., 20 views

Cross site request forgery (csrf)

A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on a...

9.3 CVSS, 7.6 AI score, 0.04663 EPSS
Exploits: 7, References: 2, Affected Software: 1

Cvelist
added 2020/09/16 6:27 p.m., 54 views

CVE-2020-13259

A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on a...

7.7 AI score, 0.04663 EPSS
Exploits: 6, References: 2

Packet Storm
added 2020/09/14 12:00 a.m., 513 views

RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Scripting

Exploit Title: RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting; Date: 2020-08-31; Exploit Author: Jonatan Schor and Uriel Yochpaz; Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway; Version: SecFlow-1v os-image SF_0290_2.3.01.26; Tested on: RAD SecFlow-1v; CVE: N/A A...

0.1 AI score, 0.04663 EPSS
Exploits: 7

Exploit DB
added 2020/09/14 12:00 a.m., 591 views

RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting

Exploit Title: RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting; Date: 2020-08-31; Exploit Author: Jonatan Schor and Uriel Yochpaz; Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway; Version: SecFlow-1v os-image SF_0290_2.3.01.26; Tested on: RAD SecFlow-1v; CVE: N/A A...

9.3 CVSS, 7.4 AI score, 0.04663 EPSS
Exploits: 7

CVE
added 2019/07/04 3:06 p.m., 49 views

CVE-2019-13260

CVE-2019-13260 affects XnView Classic 2.48. The documented issue is a User Mode Write AV starting at xnview+0x0000000000327a07, described as a buffer overflow in CNVD-2019-22456 and echoed across multiple feeds. The Red Hat and NVD entries reproduce the vulnerability’s existence but do not provid...

7.8 CVSS, 7.6 AI score, 0.01215 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2019/07/04 3:06 p.m., 17 views

CVE-2019-13260

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327a07...

7.7 AI score, 0.01215 EPSS
Exploits: 1, References: 1

Cvelist
added 2019/01/07 6:00 p.m., 8 views

CVE-2018-13260

...

Exploits: 0

CVE
added 2019/01/07 6:00 p.m., 22 views

CVE-2018-13260

CVE-2018-13260 is rejected and not used as an active vulnerability entry.

7.3 AI score
Exploits: 0

CVE
added 2018/04/04 5:00 p.m., 73 views

CVE-2017-13260

CVE-2017-13260 is an information disclosure flaw in Android Bluetooth’s BNEP implementation. In bnep_data_ind of bnep_main.cc, a missing bounds check enables a possible out-of-bounds read, allowing remote disclosure without user interaction. Affected Android versions include 5.1.1, 6.0, 6.0.1, 7....

7.5 CVSS, 6.8 AI score, 0.07581 EPSS
Exploits: 5, References: 4, Affected Software: 1