85 matches found
CVE-2026-5007
creationtimestamp| type| source ---|---|--- 2026-03-28 20:10:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi5gu4g5pn2i...
EUVD-2009-5007
Malware in sbrugna...
EUVD-2019-16094
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-5007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping...
CVE-2025-5007
A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...
CVE-2019-5007
An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing...
CVE-2012-5007
The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to write to arbitrary PDF files via unspecified vectors related to the fillpdfmergepdf function and incorrect arguments, a different vulnerability than CVE-2012-1625. NOTE: some of these details are obtained from third...
CVE-2025-5007
A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...
CVE-2025-5007
A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...
CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting
A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...
CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting
A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...
CVE-2025-5007
Part-DB up to 1.17.0 exposes a cross-site scripting (XSS) vulnerability in the Profile Picture Feature. The issue lies in handleUpload (src/Services/Attachments/AttachmentSubmitHandler.php) where the attachment argument can be manipulated to inject scripts. It can be exploited remotely and an exp...
Malicious code in wlwz-2312-5007 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ce422b0b38894bcf0dd28be9844ac7653f6c5884543e4736fbeb834d17c8fd6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-5007
creationtimestamp| type| source ---|---|--- 2023-12-20 17:23:57+00:00| seen| https://t.me/ctinow/157167 2023-12-27 01:17:11+00:00| seen| https://t.me/ctinow/159491...
CVE-2023-5007
The CVE-2023-5007 entries describe an authenticated SQL injection in Student Information System v1.0, specifically in marks.php where the id parameter is not validated and is sent to the database unfiltered. Concrete details across connected docs: vulnerable component is marks.php (id parameter);...
CVE-2023-5007 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-5007 Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database...
Debian DSA-5007-1 : postgresql-13 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5007 advisory. Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. For the stable distribution...
Mitsubishi Electric MELSEC-Q Series PLCs Uncontrolled Resource Consumption (CVE-2019-6535)
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet...
Mageia: Security Advisory (MGASA-2017-0111)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...