13 matches found
CVE-2026-45225
creationtimestamp| type| source ---|---|--- 2026-05-13 03:46:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpfcs6lej2z...
CVE-2026-45225
Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...
EUVD-2025-45225
Malicious code in socialisttyrannosaurusz3n npm...
EUVD-2023-45225
Malicious code in bioql PyPI...
CVE-2021-45225
An issue was discovered in COINS Construction Cloud 11.12. Due to improper input neutralization, it is vulnerable to reflected cross-site scripting XSS via malicious links affecting the search window and activity view window...
CVE-2023-45225
Zavio IP Cameras (CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, CD321) with firmware version M2.1.6.05 are affected by multiple stack-based overflows. The root cause is insufficient validation of allocated buffer size while processing/parsing XML elements in incomi...
CVE-2023-45225 Zavio IP Camera Stack-Based Buffer Overflow
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not...
Zavio IP Camera
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Zavio Equipment : IP Camera Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer, OS Command Injection 2. RISK EVALUATION Successful exploitation of these...
CVE-2022-45225
Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the booktitle parameter...
CVE-2022-45225
CVE-2022-45225 affects Book Store Management System v1.0. The vulnerability is a cross-site scripting (XSS) defect in the endpoint /bsms_ci/index.php/book , exploitable by injecting a crafted payload into the book_title parameter. The NVD/CVSS data shows a base score of 6.1 (Medium) with AV:N/AC:...
CVE-2021-45225
creationtimestamp| type| source ---|---|--- 2022-01-24 22:17:51+00:00| seen| https://t.me/cibsecurity/36158...
CVE-2021-45225
An issue was discovered in COINS Construction Cloud 11.12. Due to improper input neutralization, it is vulnerable to reflected cross-site scripting XSS via malicious links affecting the search window and activity view window...
CVE-2021-45225
COINS Construction Cloud 11.12 is affected by a reflected cross-site scripting (XSS) issue due to improper input neutralization, impacting the search window and activity view window. The primary mitigation is to update to a version that properly neutralizes input. As a temporary measure, consider...