CVE-2026-3980

creationtimestamp| type| source ---|---|--- 2026-03-12 04:16:13+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3980 2026-03-12 09:24:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgu3ct5tsa2y...

CVE-2026-3980

CVE-2026-3980 affects the itsourcecode Online Doctor Appointment System 1.0. The vulnerability is in the /admin/patient_action.php routine, where manipulating the argument patient_id enables an SQL injection. It can be exploited remotely, and public disclosure is noted; exploitation status varies...

CVE-2026-3980 itsourcecode Online Doctor Appointment System patient_action.php sql injection

A vulnerability has been found in itsourcecode Online Doctor Appointment System 1.0. This impacts an unknown function of the file /admin/patientaction.php. Such manipulation of the argument patientid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...

EUVD-2026-3980

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AivahThemes Anona anona allows Path Traversal.This issue affects Anona: from n/a through = 8.0...

CVE-2019-3980

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run...

CVE-2010-3980

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI...

CVE-2025-3980

A vulnerability classified as problematic was found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This vulnerability affects unknown code of the file /v1/prescription/list. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has...

CVE-2025-3980

A vulnerability classified as problematic was found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This vulnerability affects unknown code of the file /v1/prescription/list. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has...

CVE-2025-3980 wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System list improper authorization

A vulnerability classified as problematic was found in wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System 1.0. This vulnerability affects unknown code of the file /v1/prescription/list. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has...

CVE-2025-3980

CVE-2025-3980 concerns wowjoy Internet Doctor Workstation System 1.0. The vulnerability resides in the /v1/prescription/list endpoint, where improper authorization on unknown code leads to remote exposure. Public exploit information is cited, and the vendor reportedly did not respond. Multiple so...

CVE-2024-3980

The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application...

CVE-2019-3980

creationtimestamp| type| source ---|---|--- 2025-01-31 18:00:06+00:00| published-proof-of-concept| https://t.me/truesecator/6687 2025-02-01 23:08:25+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lh5my6vacb2f...

Debian: Security Advisory (DLA-3980-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3980-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-3980

The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application...

CVE-2024-3980

The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other files that are critical to the application...

CVE-2016-3980

creationtimestamp| type| source ---|---|--- 2024-03-25 14:38:11+00:00| seen| Telegram/iXy7dsjFz6zbDAVebZAEB91G2mRh46gbKDEU733c1d-0Dg 2024-03-25 14:38:11+00:00| seen| https://t.me/tengkorakcybercrewz/4401 2024-03-25 14:38:11+00:00| seen| https://t.me/tengkorakcybercrewz/811 2024-03-26...

CVE-2023-3980

CVE-2023-3980 affects Omeka S prior to 4.0.2 with a stored XSS vulnerability. The issue arises in how user-supplied content is stored and later rendered, allowing injected scripts to execute in a victim’s context. Public sources in the connected set consistently describe this as a stored XSS in o...

CVE-2023-3980 Cross-site Scripting (XSS) - Stored in omeka/omeka-s

Cross-site Scripting XSS - Stored in GitHub repository omeka/omeka-s prior to 4.0.2...

CVE-2023-3980 Cross-site Scripting (XSS) - Stored in omeka/omeka-s

Cross-site Scripting XSS - Stored in GitHub repository omeka/omeka-s prior to 4.0.2...