CVE-2026-3754

CVE-2026-3754 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is an SQL injection in the /add_stock.php module, triggered by manipulating the cost argument, with remote exploitation and a publicly available exploit. Multiple feeds consistently describe an unknown function...

CVE-2026-3754

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

CVE-2026-3754 SourceCodester Sales and Inventory System add_stock.php sql injection

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

RHSA-2024:3754

creationtimestamp| type| source ---|---|--- 2025-07-05 03:15:12+00:00| seen| Telegram/s-MyXHxfQRDkFCdBpAqom8tzuSuq39rL64NDbcTutOGe0 2025-10-09 12:11:07+00:00| seen| Telegram/FvcNQD67cBNjJyyjUe673NMSVZJDnPS-bQ-6HhEm-Z87R1U...

CVE-2011-3754

Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files...

CVE-2022-3754

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8...

CVE-2024-3754

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3754 Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3754 Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=23.0.1) +120 more potentially affected by CVE-2021-3754 via org.keycloak:keycloak-services (>=10.0.0 <=24.0.0)

org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =4.0, =1.1.1, =0.3.0-20.0.1, =2.5.5-23.0 and more Source cves: CVE-2021-3754 Source advisory: OSV:GHSA-4VC8-PG5C-VG4X...

Oracle Linux 9 : ipa (ELSA-2024-3754)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3754 advisory. - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force Tenable...

RHEL 9 : ipa (RHSA-2024:3754)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3754 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

WordPress Alemha watermarker Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Alemha watermarker Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3754 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fe01f090b53e Credits Erdemstar Required...

Exploit for Improper Input Validation in Redhat Keycloak

CVE-2021-3754 This repository documents Vulnerability details...

SUSE CVE-2023-3754

A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...

CVE-2023-3754

creationtimestamp| type| source ---|---|--- 2023-07-19 07:25:06+00:00| seen| https://t.me/cibsecurity/66992...

CVE-2023-3754

A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...

CVE-2023-3754

CVE-2023-3754 affects Creativeitem Ekushey Project Manager CRM 5.0. A cross-site scripting vulnerability exists in an unknown function of the file /index.php/client/message/message_read/xxxxxxxx[random-msg-hash], where manipulating the message parameter enables remote XSS. The primary documents d...

CVE-2022-3754

creationtimestamp| type| source ---|---|--- 2022-10-29 16:30:08+00:00| seen| https://t.me/cibsecurity/52263...

CVE-2022-3754

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8...