Lucene search
+L

40 matches found

cve
cve
added 2025/10/08 10:32 p.m.14 views

CVE-2025-11508

Voting System 1.0 contains a vulnerability in /admin/voters_add.php where manipulating the photo argument enables unrestricted file uploads. The issue is remotely exploitable and has publicly disclosed exploit information. No patch/version remediation details are provided in the supplied document...

9.8CVSS5AI score0.0041EPSS
Exploits1References5Affected Software1
osv
osv
added 2025/10/08 12:15 a.m.5 views

CVE-2025-11417

A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/votersadd.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has be...

8.8CVSS5.7AI score0.00299EPSS
Exploits1References5
osv
osv
added 2025/07/12 11:15 a.m.7 views

CVE-2025-7469

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/productadd.php. The manipulation of the argument prodname leads to sql injection. The attack may be initiated remotely. The exploit has...

9.8CVSS5.8AI score0.00394EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/06/20 12:0 a.m.5 views

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which stems from an improper handling of the parameter Category in the file /pages/catadd.php resulting in SQL injection...

9.8CVSS7.9AI score0.00391EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/05/09 12:0 a.m.5 views

SourceCodester Online Student Clearance System 代码注入漏洞

SourceCodester Online Student Clearance System is a SourceCodester open source online student management system. A code injection vulnerability exists in SourceCodester Online Student Clearance System version 1.0, which originates from cross-site scripting due to a parameter Username operation in...

5.4CVSS4.3AI score0.005EPSS
Exploits1References6
redhatcve
redhatcve
added 2025/02/14 1:35 a.m.15 views

CVE-2024-35375

There is an arbitrary file upload vulnerability on the media add .php page in the backend of the website in version 5.7.114 of DedeCMS...

9.8CVSS7AI score0.00469EPSS
Exploits0References4
osv
osv
added 2024/12/04 10:15 p.m.6 views

CVE-2024-12181

A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploadsadd.php of the component SWF File Handler. The manipulation of the argument mediatype leads to cross site scripting. The attack can be...

5.4CVSS3.7AI score0.00402EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/12/04 12:0 a.m.6 views

PT-2024-17473 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A problematic vulnerability was found in DedeCMS, affecting an unknown functionality of the file /member/uploads add.php of the component SWF File Handler. The manipulation of the mediatype argument leads ...

5.4CVSS4.1AI score0.00402EPSS
Exploits1References10
ptsecurity
ptsecurity
added 2024/10/10 12:0 a.m.4 views

PT-2024-39846 · Unknown · Sourcecodester Profile Registration Without Reload Refresh

Name of the Vulnerable Software and Affected Versions: SourceCodester Profile Registration without Reload Refresh version 1.0 Description: A vulnerability has been found in the system, marked as problematic. The issue affects an unknown functionality of the file add.php. The manipulation of the...

6.1CVSS4.3AI score0.00418EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2024/09/22 12:0 a.m.4 views

PT-2024-39426 · Sourcecodester · Sourcecodester Profile Registration Without Reload Refresh

Name of the Vulnerable Software and Affected Versions: SourceCodester Profile Registration without Reload Refresh version 1.0 Description: A problem was found in the Registration Form component of the file add.php, which can lead to cross site scripting when the full name argument is manipulated...

6.1CVSS6.4AI score0.00429EPSS
Exploits1References10
cnnvd
cnnvd
added 2024/04/18 12:0 a.m.5 views

SourceCodester Home Clean Service System 代码问题漏洞

Home Clean Service System is a system for providing home cleaning services by Carlo Montero, an individual developer. A code issue vulnerability exists in SourceCodester Home Clean Service System version 1.0, which stems from a file upload vulnerability in the file adminstudent.add.php...

9.8CVSS6.8AI score0.00856EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2024/02/23 12:0 a.m.5 views

PT-2024-18336 · Unknown · Code-Projects Crime Reporting System

Name of the Vulnerable Software and Affected Versions: code-projects Crime Reporting System version 1.0 Description: A critical issue affects the processing of the file police add.php. The manipulation of the arguments police name, police id, police spec, or password leads to SQL injection. The...

8.8CVSS6.5AI score0.00537EPSS
Exploits0References8
osv
osv
added 2023/09/30 11:15 a.m.6 views

CVE-2023-5301

A vulnerability classified as critical was found in DedeCMS 5.7.111. This vulnerability affects the function AddMyAddon of the file albumadd.php. The manipulation of the argument albumUploadFiles leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed t...

8.8CVSS5.5AI score0.06187EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2023/09/30 12:0 a.m.6 views

PT-2023-32021 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.111 Description: A critical vulnerability was found in DedeCMS, affecting the AddMyAddon function of the album add.php file. The manipulation of the albumUploadFiles argument leads to os command injection. The attack can b...

8.8CVSS7.5AI score0.06187EPSS
Exploits1References8
osv
osv
added 2023/09/10 3:15 a.m.6 views

CVE-2023-4872

A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The explo...

9.8CVSS5.7AI score0.00721EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2023/09/09 12:0 a.m.11 views

PT-2023-30893 · Sourcecodester · Sourcecodester Contact Manager App

Name of the Vulnerable Software and Affected Versions: SourceCodester Contact Manager App version 1.0 Description: A vulnerability was found in the SourceCodester Contact Manager App, affecting an unknown functionality of the file add.php. This issue leads to cross-site request forgery and can be...

8.8CVSS7AI score0.00434EPSS
Exploits1References6
osv
osv
added 2021/05/06 1:15 p.m.5 views

CVE-2020-19113

Arbitrary File Upload vulnerability in Online Book Store v1.0 in adminadd.php, which may lead to remote code execution...

9.8CVSS7.6AI score0.03008EPSS
Exploits1References1
osv
osv
added 2017/12/18 5:29 a.m.4 views

CVE-2017-17730

DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flinkadd.php...

9.8CVSS5.8AI score0.01097EPSS
Exploits1References1
cnvd
cnvd
added 2017/11/21 12:0 a.m.1 views

SQL injection vulnerability in program\form\receive\data_add.php page of Dreamline Monxin enterprise station builder system

Monxin Enterprise Station Building System is a self-service station building system based on PHP language development. A SQL injection vulnerability exists in the program\form\receive\dataadd.php page of the Monxin Enterprise Station Building System. The vulnerability is due to the system failing...

7.9AI score
Exploits0
ptsecurity
ptsecurity
added 2006/12/11 12:0 a.m.7 views

PT-2006-7072 · Midicart · Midicart

Name of the Vulnerable Software and Affected Versions: Midicart affected versions not specified Description: The issue concerns an unrestricted file upload vulnerability. It allows remote authenticated users to upload arbitrary files, possibly including .php files, to the images/ directory under...

6.5CVSS6.4AI score0.012EPSS
Exploits0References6
Rows per page
Query Builder