Lucene search
+L

34 matches found

cvelist
cvelist
added 2026/03/02 3:50 p.m.29 views

CVE-2025-52563 Chamilo: Reflected XSS via page parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability due to insufficient sanitization of the page parameter in the session/adduserstosession.php endpoint. This issue has been patched in version 1.11.30...

5.1CVSS0.00155EPSS
Exploits0References2
cnvd
cnvd
added 2026/01/19 12:0 a.m.7 views

Cyber Cafe Management System add-users.php Endpoint Cross-Site Scripting Vulnerability

Cyber Cafe Management System is an internet cafe management system. A cross-site scripting vulnerability exists in Cyber Cafe Management System that stems from the uadd parameter of the add-users.php endpoint not being sufficiently cleaned up or coded for user input, and for which no detailed...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References1
cnvd
cnvd
added 2026/01/19 12:0 a.m.5 views

Cyber Cafe Management System add-users.php Endpoint SQL Injection Vulnerability

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that stems from the username parameter of the add-users.php endpoint not adequately validating user input, no details of the vulnerability are available at...

9.8CVSS5.9AI score0.00414EPSS
Exploits2References1
cnvd
cnvd
added 2026/01/19 12:0 a.m.10 views

Cyber Cafe Management System add-users.php Endpoint Cross-Site Scripting Vulnerability

Cyber Cafe Management System is an internet cafe management system. A cross-site scripting vulnerability exists in Cyber Cafe Management System that stems from the username parameter of the add-users.php endpoint not adequately handling the input, no details of the vulnerability are available at...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References1
redhatcve
redhatcve
added 2026/01/16 2:20 a.m.8 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References1
redhatcve
redhatcve
added 2026/01/16 12:24 a.m.7 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS7.8AI score0.00414EPSS
Exploits2References1
osv
osv
added 2026/01/15 9:16 p.m.25 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS5.8AI score0.00414EPSS
Exploits2References2
nvd
nvd
added 2026/01/15 9:16 p.m.10 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS0.00414EPSS
Exploits2References2
osv
osv
added 2026/01/15 9:16 p.m.9 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References2
nvd
nvd
added 2026/01/15 9:16 p.m.12 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS0.00216EPSS
Exploits2References2
attackerkb
attackerkb
added 2026/01/15 12:0 a.m.2 views

CVE-2025-70891

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

6.1CVSS5.4AI score0.00216EPSS
Exploits2References3
attackerkb
attackerkb
added 2026/01/15 12:0 a.m.4 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.4AI score0.00216EPSS
Exploits2References3
cnnvd
cnnvd
added 2026/01/15 12:0 a.m.8 views

PHPGurukul Cyber Cafe Management System 安全漏洞

Cyber Cafe Management System is an internet cafe management system. A cross-site scripting vulnerability exists in Cyber Cafe Management System that stems from the uadd parameter of the add-users.php endpoint not being sufficiently cleaned up or coded for user input, and for which no detailed...

6.1CVSS5.6AI score0.00216EPSS
Exploits2References3
vulnrichment
vulnrichment
added 2026/01/15 12:0 a.m.4 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

7.5AI score0.00414EPSS
Exploits2References2
attackerkb
attackerkb
added 2026/01/15 12:0 a.m.5 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS6AI score0.00414EPSS
Exploits2References3
euvd
euvd
added 2026/01/15 12:0 a.m.5 views

EUVD-2026-2684

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

6.1CVSS5.2AI score0.00216EPSS
Exploits2References3
cvelist
cvelist
added 2026/01/15 12:0 a.m.25 views

CVE-2025-70891

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

0.00216EPSS
Exploits2References2
cvelist
cvelist
added 2026/01/15 12:0 a.m.25 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

0.00216EPSS
Exploits2References2
cvelist
cvelist
added 2026/01/15 12:0 a.m.26 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

0.00414EPSS
Exploits2References2
ptsecurity
ptsecurity
added 2026/01/15 12:0 a.m.7 views

PT-2026-3115

Name of the Vulnerable Software and Affected Versions Phpgurukul Cyber Cafe Management System version 1.0 Description The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the /add-users.php API endpoint, leading to a stored cross-site...

6.1CVSS6.3AI score0.00216EPSS
Exploits2References5
Rows per page
Query Builder