CVE-2026-3148
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2026-3148 SourceCodester Simple and Nice Shopping Cart Script signup.php sql injection
A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...
CVE-2007-3148
| creationtimestamp | type | source |
|---|---|---|
| 2025-09-09 21:02:27+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjfntbv2o... |
CVE-2025-3148
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-03 07:34:23+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10187... |
CVE-2025-3148
A vulnerability was found in codeprojects Product Management System 1.0 and classified as problematic. This issue affects some unknown processing of the component Login. The manipulation of the argument Str1 leads to buffer overflow. Attacking locally is a requirement. The exploit has been...
CVE-2025-3148
The CVE-2025-3148 entry refers to Codeprojects Product Management System version 1.0. Affected component: Login. Root cause: manipulation of the Str1 argument leads to a buffer overflow. Impact is described as potentially compromising confidentiality, integrity, and availability; exploitation is ...
Linux Distros Unpatched Vulnerability : CVE-2015-3148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a...
Ubuntu: Security Advisory (USN-6948-1)
The remote host is missing an update for the...
CVE-2024-3148 DedeCMS makehtml_archives_action.php sql injection
A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112. This issue affects some unknown processing of the file dede/makehtml_archives_action.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public...
CVE-2023-3148
Summary: CVE-2023-3148 affects SourceCodester Online Discussion Forum Site 1.0. The issue is a SQL injection in the file admin/posts/manage_post.php caused by unsanitized processing of the id parameter. This can be triggered remotely and is described as a publicly disclosed vulnerability. What is...
CVE-2023-3148 SourceCodester Online Discussion Forum Site manage_post.php sql injection
A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This issue affects some unknown processing of the file admin\posts\manage_post.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit...
Oracle Linux 9 : libreswan (ELSA-2023-3148)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3148 advisory. - Fix CVE-2023-30570: Malicious IKEv1 Aggressive Mode packets can crash libreswan. Tenable has extracted the preceding description block directly from the Oracle...
RHEL 9 : libreswan (RHSA-2023:3148)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3148 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...
Debian: Security Advisory (DLA-211-1)
The remote host is missing an update for the Debian...
K16707: cURL and libcurl vulnerability CVE-2015-3148
Security Advisory Description: cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. CVE-2015-3148. Impact: Remote attackers may be able to re-use Negotiate connections as other user...
SUSE CVE-2021-3148
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py...
CVE-2022-3148
| creationtimestamp | type | source |
|---|---|---|
| 2022-09-08 14:15:03+00:00 | seen | https://t.me/cibsecurity/49449... |
CVE-2022-3148
CVE-2022-3148 describes a Cross-site Scripting (XSS) vulnerability in JGraph Draw.io (GitHub: jgraph/drawio) prior to version 20.3.0. The issue arises from how the application processes the use tag with dompurify, enabling an XSS payload to bypass CSP in some scenarios (e.g., a crafted SVG refere...
CVE-2022-3148 Cross-site Scripting (XSS) - Generic in jgraph/drawio
Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0...