69 matches found
CZ Loan Management <= 1.1 - SQL Injection
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2024-5975 info: name: CZ Loan Management <= 1.1 - SQL Injection author...
MINI-V5CR-5975-2M2M
Bulletin has no description...
CVE-2026-5975
creationtimestamp| type| source
---|---|---
2026-04-09 21:23:00+00:00| seen| Telegram/B-z3crZ1dI3tmPIxruR2FuLMmThruFg0zQ194epA7uIe11s
2026-04-09 21:27:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj3qqwsz2r2t
2026-04-10 08:04:34+00:00| seen|...
MINI-2HJV-5975-Q2MJ
Bulletin has no description...
ECHO-124E-41CD-5975
Bulletin has no description...
DSA-5975-1 linux - security update
Bulletin has no description...
CVE-2025-5975
creationtimestamp| type| source
---|---|---
2025-06-10 20:31:47+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17989
2025-06-10 21:28:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrbtjpu5ak2m...
CVE-2025-5975
A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2025-5975
PHPGurukul Rail Pass Management System 1.0 contains a cross-site scripting vulnerability in the /rpms/download-pass.php file. The issue arises from improper handling of the searchdata parameter, allowing remote attacker input to be executed in a user context. Public disclosures exist; multiple so...
CVE-2024-5975
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2023-5975
The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to update the plugin settings via a forged...
CVE-2020-5975
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure...
CVE-2012-5975
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session...
Linux Distros Unpatched Vulnerability : CVE-2017-5975
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers...
CVE-2024-5975
creationtimestamp| type| source
---|---|---
2024-07-30 09:02:44+00:00| seen| https://t.me/cvedetector/1985...
CVE-2024-5975
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-5975 CZ Loan Management <= 1.1 - Unauthenticated SQLi
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
WordPress CZ Loan Management Plugin <= 1.1 is vulnerable to SQL Injection
Software: CZ Loan Management; Type: Plugin; Vulnerable versions: <= 1.1; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-5975; Patch priority: High; CVSS severity: High 9.3; PSID: c42111d4bd74; Credits: Project Black; Required privilege: Unauthenticated...
RHEL 7 : zziplib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zziplib: uncontrolled memory allocation in __zzip_parse_root_directory in zzip/zip.c CVE-2018-6869 - Heap-base...
CVE-2023-5975
CVE-2023-5975 : The ImageMapper WordPress plugin (