CVE-2025-6890

A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation of the argument Date leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6890 code-projects Movie Ticketing System ticketConfirmation.php sql injection

A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation of the argument Date leads to sql injection. The attack may be initiated remotely. The exploit has...

CVE-2025-6890

CVE-2025-6890 affects code-projects Movie Ticketing System 1.0. The vulnerability is an SQL injection in the /ticketConfirmation.php file caused by manipulation of the Date argument. Impact is described as high for confidentiality, integrity, and availability. The issue can be exploited remotely,...

CVE-2024-6890

creationtimestamp| type| source ---|---|--- 2024-08-08 02:11:00+00:00| seen| https://t.me/cvedetector/2735...

Journyx 11.5.4 Unauthenticated Password Reset Bruteforce Vulnerability

Journyx version 11.5.4 suffers from an issue where password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password. Title: Journyx Unauthenticated...

Journyx 11.5.4 Unauthenticated Password Reset Bruteforce

KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce Title: Journyx Unauthenticated Password Reset Bruteforce Advisory ID: KL-001-2024-007 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-007.txt 1. Vulnerability Details Affected...

CVE-2024-6890

Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password...

CVE-2024-6890 Journyx Unauthenticated Password Reset Bruteforce

Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password...

CVE-2024-6890 Journyx Unauthenticated Password Reset Bruteforce

Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password...

Journyx Unauthenticated Password Reset Bruteforce

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-321: Use of Hard-coded Cryptographic Key, CWE-334: Small Space of Random Values, CWE-799: Improper Control of Interaction Frequency CVE ID:...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6890-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6890-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...

CVE-2023-6890

CVE-2023-6890 is a stored Cross‑site Scripting (XSS) vulnerability in the PHPMyFAQ project. The issue affects versions prior to 3.1.17 and stems from inadequate input filtering/escaping of user-supplied data, enabling an attacker to inject and execute arbitrary web script or HTML. The vulnerabili...

CVE-2018-6890

creationtimestamp| type| source ---|---|--- 2023-10-25 07:52:21+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/19...

Mageia: Security Advisory (MGASA-2014-0080)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-6890

CVE-2020-6890 entry is rejected/not used and does not represent an active vulnerability.

CVE-2020-6890

...

CVE-2018-17679

Foxit Reader 9.2.0.9297 and earlier versions are affected by CVE-2018-17679, a PDF parsing vulnerability that allows remote code execution via a use-after-free in document element handling. The flaw can be triggered when a user opens a malicious file or visits a malicious page, enabling code exec...

CVE-2018-17679

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-6890

Wolf CMS 0.8.3.1 is affected by a Cross-Site Scripting (XSS) vulnerability via the page editing feature (/?/admin/page/edit/3). The issue is documented in CVE-2018-6890 with both NVD and CNVD entries confirming an XSS flaw in Wolf CMS 0.8.3.1. The connected sources corroborate that the vulnerabil...

SUSE SLED12 Security Update : libraw (SUSE-SU-2017:2300-1)

This update for libraw fixes the following issues : - CVE-2015-3885: A specially crafted raw image file could have caused a Denial of Service through an integer overflow. bsc930683 - CVE-2015-8367: The function phaseonecorrect did not handle memory object initialization correctly, which may have...