52 matches found
CVE-2026-6394
creationtimestamp| type| source ---|---|--- 2026-05-22 06:32:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mmgcs2lkaa2a...
CVE-2025-6394
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addreserve.php. The manipulation of the argument firstname leads to sql injection. The attack can be...
CVE-2025-6394
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addreserve.php. The manipulation of the argument firstname leads to sql injection. The attack can be...
CVE-2025-6394
creationtimestamp| type| source ---|---|--- 2025-06-21 02:03:08+00:00| seen| Telegram/VYISubODK9o2EhmMQtV1Poo-UEd9SUXrb4Hppof0xM5PUw 2025-06-21 03:25:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19101 2025-06-21 06:24:51+00:00| seen|...
CVE-2025-6394
The CVE-2025-6394 entry concerns code-projects Simple Online Hotel Reservation System 1.0, where the file /add_reserve.php exposes a SQL injection via the firstname parameter. This vulnerability is exploitable remotely and has been disclosed publicly. Multiple connected documents (CNVD/CNNVD/Red ...
CVE-2025-6394 code-projects Simple Online Hotel Reservation System add_reserve.php sql injection
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addreserve.php. The manipulation of the argument firstname leads to sql injection. The attack can be...
CVE-2025-6394 code-projects Simple Online Hotel Reservation System add_reserve.php sql injection
A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addreserve.php. The manipulation of the argument firstname leads to sql injection. The attack can be...
CVE-2024-6394
creationtimestamp| type| source ---|---|--- 2024-09-30 10:48:28+00:00| seen| https://t.me/cvedetector/6647...
CVE-2024-6394
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The vulnerability is due to unverified path concatenation in the servejs function in app.py, which allows attackers to perform path traversal attacks. This can lead to unauthorized access to arbitrary files ...
CVE-2024-6394 Local File Inclusion in parisneo/lollms-webui
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The vulnerability is due to unverified path concatenation in the servejs function in app.py, which allows attackers to perform path traversal attacks. This can lead to unauthorized access to arbitrary files ...
CVE-2024-6394 Local File Inclusion in parisneo/lollms-webui
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The vulnerability is due to unverified path concatenation in the servejs function in app.py, which allows attackers to perform path traversal attacks. This can lead to unauthorized access to arbitrary files ...
CVE-2023-6394
creationtimestamp| type| source ---|---|--- 2024-01-01 07:56:35+00:00| seen| https://t.me/ctinow/161215...
com.github.t1:wunderbar.demo.product (>=2.4.8 <=2.4.9), io.quarkiverse.githubaction:quarkus-github-action (>=0.9.1 <=0.9.2) +19 more potentially affected by CVE-2023-6394 via io.quarkus:quarkus-smallrye-graphql-client (>=2.0.0.Alpha3 <=2.13.8.Final)
io.quarkus:quarkus-smallrye-graphql-client MAVEN version =2.0.0.Alpha3, =2.4.8, =0.9.1, =0.9.1, =0.9.1, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =2.0.0, =2.0.0.Alpha3, =2.13.8.Final and more Source cves: CVE-2023-6394...
CVE-2023-6394
CVE-2023-6394 describes an authorization bypass in Quarkus where a websocket GraphQL operation can be processed without authentication if no role-based permission is specified. This allows potential access to information and functionality beyond the granted API permissions. The NVD entry lists a ...
CVE-2023-6394
A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access information and...
Ubuntu 16.04 ESM / 18.04 ESM : Python vulnerability (USN-6394-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6394-2 advisory. USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
PT-2023-4351 · Trend Micro · Trend Micro Apex Central
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central versions prior to build 6481 Trend Micro Apex Central 2019 version = Build 6394 Description: The issue is related to insufficient validation of incoming requests in the modDeepSecurity widget of the monitoring panel o...
PT-2023-4354 · Trend Micro · Trend Micro Apex Central
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex Central version 2019 = Build 6394 Description: The issue is related to insufficient validation of incoming requests in the modTMSL widget monitoring panel module of Trend Micro Apex Central, a security monitoring and manageme...
SUSE CVE-2020-6394
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page...
Mageia: Security Advisory (MGASA-2020-0123)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...