73 matches found
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
PT-2026-2682
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description An issue exists that allows for privilege escalation on affected systems. This could allow attackers to gain elevated access. Recommendations At the moment, there is no information about a...
CVE-2019-2682
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite subcomponent: Attachments / File Upload. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker wit...
CVE-2024-2682
A vulnerability classified as problematic has been found in Campcodes Online Job Finder System 1.0. Affected is an unknown function of the file /admin/employee/controller.php. The manipulation of the argument EMPLOYEEID leads to cross site scripting. It is possible to launch the attack remotely...
CVE-2023-2682
A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component MiniHTTPD. The manipulation of the argument address with the input ;id;uname$IFS-a leads to command injection. The attack...
CVE-2022-2682
A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input '" leads to cross site scripting. The attack...
CVE-2004-2682
PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server's private key by determining factors using timing differences on 1 the number of extra reductions during Montgomery reduction, and 2 the use of different integer...
CVE-2025-2682
creationtimestamp| type| source ---|---|--- 2025-03-24 05:30:30+00:00| seen| Telegram/-BH2xfZualv0FtknMT93NmuRcs1qQQpmOW2m0bL-A1YU30 2025-03-24 05:51:32+00:00| seen| https://t.me/cvedetector/20931 2025-03-24 08:24:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll4de2bkma2h...
CVE-2025-2682 PHPGurukul Bank Locker Management System edit-subadmin.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /edit-subadmin.php?said=3. The manipulation of the argument mobilenumber leads to sql injection. It is possible to initiate the attack remotely. The...
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2024-2682)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-2682 Campcodes Online Job Finder System controller.php cross site scripting
A vulnerability classified as problematic has been found in Campcodes Online Job Finder System 1.0. Affected is an unknown function of the file /admin/employee/controller.php. The manipulation of the argument EMPLOYEEID leads to cross site scripting. It is possible to launch the attack remotely...
CVE-2024-2682
CVE-2024-2682 affects Campcodes Online Job Finder System 1.0. The vulnerability is an unspecified function in /admin/employee/controller.php where manipulating the EMPLOYEEID argument results in cross-site scripting. Attacks can be launched remotely, and exploitation details have been disclosed p...
CVE-2020-2682
creationtimestamp| type| source ---|---|--- 2023-11-29 14:19:25+00:00| seen| https://t.me/arpsyndicate/750...
CVE-2023-2682
creationtimestamp| type| source ---|---|--- 2023-05-12 16:26:50+00:00| seen| https://t.me/cibsecurity/64009...
CVE-2023-2682 Caton Live Mini_HTTPD ping.cgi command injection
A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component MiniHTTPD. The manipulation of the argument address with the input ;id;uname$IFS-a leads to command injection. The attack...
CVE-2023-2682
The CVE-2023-2682 issue affects Caton Live (Mini_HTTPD) and centers on command injection via the /cgi-bin/ping.cgi endpoint. The root cause is manipulation of the address parameter with the input ;id;uname${IFS}-a, enabling remote code execution. Public details indicate the vulnerability is prese...
Debian: Security Advisory (DLA-251-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-2682
CVE-2022-2682 affects SourceCodester Alphaware Simple E-Commerce System, specifically the stockin.php/stock.php component. The vulnerability is a cross-site scripting (XSS) flaw triggered by manipulating the id argument (e.g., '">) to inject script code. It can be exploited remotely; the explo...
Mageia: Security Advisory (MGASA-2020-0065)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...