23 matches found

RedhatCVE
added 2026/02/08 7:22 p.m., 6 views

CVE-2026-2105

A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...

CVSS 8.8, AI score 6.1, EPSS 0.00276
Exploits 1, References 1

ATTACKERKB
added 2026/02/07 5:2 p.m., 3 views

CVE-2026-2105

A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...

CVSS 6.5, AI score 6.2, EPSS 0.00276
Exploits 1, References 6

EUVD
added 2026/02/07 5:2 p.m., 3 views

EUVD-2026-5722

A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptController.java of the component Department Management...

CVSS 6.5, AI score 5.1, EPSS 0.00276
Exploits 1, References 6

CNNVD
added 2026/02/07 12:0 a.m., 10 views

warehouse authorization issue vulnerability

Warehouse is a small-scale warehouse logistics management system developed by the individual developer Yeqifu, based on Spring Boot. Warehouse has authorization issues that stem from incorrect operations in the Department Management component, specifically in the file...

CVSS 8.8, AI score 6.6, EPSS 0.00276
Exploits 1, References 7

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-29268

Malicious code in bioql PyPI...

CVSS 5.4, AI score 6.6, EPSS 0.00411
Exploits 1, References 4

EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2025-31431

Malicious code in bioql PyPI...

CVSS 4.8, AI score 4, EPSS 0.00272
Exploits 1, References 5

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-6462

Malicious code in bioql PyPI...

CVSS 4.8, AI score 4, EPSS 0.00295
Exploits 0, References 4

RedhatCVE
added 2025/09/29 10:56 a.m., 7 views

CVE-2025-11069

A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...

CVSS 4.8, AI score 5.6, EPSS 0.00272
Exploits 1, References 1

NVD
added 2025/09/27 5:15 p.m., 6 views

CVE-2025-11069

A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...

CVSS 4.8, EPSS 0.00272
Exploits 1, References 4

OSV
added 2025/09/27 5:15 p.m., 5 views

CVE-2025-11069

A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...

CVSS 4.8, AI score 4.1, EPSS 0.00272
Exploits 1, References 4

CVE
added 2025/09/27 4:32 p.m., 15 views

CVE-2025-11069

CVE-2025-11069 (westboy CicadasCMS 1.0) affects the Add Department Handler: the vulnerability arises from manipulating the Name argument in the file /system/org/save, enabling cross-site scripting. The issue is exploitable remotely and, per multiple sources, the exploit has been publicly disclose...

CVSS 4.8, AI score 5.4, EPSS 0.00272
Exploits 1, References 4, Affected Software 1

Cvelist
added 2025/09/27 4:32 p.m., 11 views

CVE-2025-11069 westboy CicadasCMS Add Department save cross site scripting

A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...

CVSS 4.8, EPSS 0.00272
Exploits 1, References 4

Vulnrichment
added 2025/09/27 4:32 p.m., 3 views

CVE-2025-11069 westboy CicadasCMS Add Department save cross site scripting

A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotel...

CVSS 4.8, AI score 5.4, EPSS 0.00272
Exploits 1, References 4

CNNVD
added 2025/09/27 12:0 a.m., 4 views

CicadasCMS code injection vulnerability

CicadasCMS is a content management framework based on SpringBoot, Mybatis, SpringSecurity and Vue, developed by the individual developer westboy in China. A code injection vulnerability exists in CicadasCMS version 1.0, which originates from the incorrect operation of the parameter Name by the component Add...

CVSS 4.8, AI score 4.2, EPSS 0.00272
Exploits 1, References 5

RedhatCVE
added 2025/09/17 12:49 a.m., 10 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

CVSS 5.4, AI score 7.3, EPSS 0.00411
Exploits 1, References 1

OSV
added 2025/09/15 10:15 p.m., 4 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

CVSS 5.4, AI score 6.1, EPSS 0.00411
Exploits 1, References 3

NVD
added 2025/09/15 10:15 p.m., 4 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

CVSS 5.4, EPSS 0.00411
Exploits 1, References 3

CVE
added 2025/09/15 12:0 a.m., 18 views

CVE-2025-57117

An analysis of CVE-2025-57117, with multiple connected sources, confirms a Clickjacking vulnerability in Rems’ Employee Management System v1.0. The issue resides in the department.php page where an attacker can inject a malicious payload via the Department Name field under Add Department to execu...

CVSS 5.4, AI score 6.9, EPSS 0.00411
Exploits 1, References 3, Affected Software 1

Positive Technologies
added 2025/09/15 12:0 a.m., 6 views

PT-2025-37768

Name of the Vulnerable Software and Affected Versions Rems' Employee Management System version 1.0 Description A Clickjacking issue exists that allows remote attackers to execute arbitrary JavaScript. The issue is present on the 'department.php' page and involves injecting a malicious payload int...

CVSS 5.4, AI score 7.4, EPSS 0.00411
Exploits 1, References 5

RedhatCVE
added 2025/03/19 7:19 a.m., 7 views

CVE-2025-2366

A vulnerability, which was classified as problematic, was found in gougucms 4.08.18. This affects the function add of the file /admin/department/add of the component Add Department Page. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack...

CVSS 4.8, AI score 6.1, EPSS 0.00295
Exploits 0, References 1