Lucene search
K

11461 matches found

Vulnrichment
Vulnrichment
added 2025/11/19 3:32 p.m.2 views

CVE-2025-13396 code-projects Courier Management System add-office.php sql injection

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...

6.5CVSS6.6AI score0.00282EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/19 3:32 p.m.12 views

CVE-2025-13396 code-projects Courier Management System add-office.php sql injection

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...

6.5CVSS0.00282EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/19 2:10 p.m.5 views

CVE-2025-13349

A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...

5.4CVSS3.6AI score0.00218EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.3 views

Code-Projects Courier Management System SQL注入漏洞

Code-Projects Courier Management System is a Code-Projects open source courier management system. A SQL injection vulnerability exists in Code-Projects Courier Management System version 1.0, which stems from an incorrect manipulation of the parameter OfficeName in the file /add-office.php, which...

9.8CVSS6.9AI score0.00282EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.8 views

PT-2025-47461

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...

6.5CVSS6.5AI score0.00282EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/11/18 10:49 p.m.6 views

CVE-2025-13302

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

9.8CVSS7.1AI score0.00333EPSS
Exploits1References1
NVD
NVD
added 2025/11/18 3:16 p.m.4 views

CVE-2025-13349

A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...

5.4CVSS0.00218EPSS
Exploits1References5
OSV
OSV
added 2025/11/18 3:16 p.m.3 views

CVE-2025-13349

A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack ...

5.4CVSS3.9AI score0.00218EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/18 12:11 a.m.13 views

CVE-2025-13253

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /addlibrarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

8.8CVSS7AI score0.00307EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/18 12:11 a.m.11 views

CVE-2025-13254

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

8.8CVSS7.2AI score0.00307EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.5 views

PT-2025-47395

Name of the Vulnerable Software and Affected Versions Sencore SMP100 SMP Media Platform versions V4.2.160, V60.1.4, V60.1.29 Description The Sencore SMP100 SMP Media Platform is susceptible to session hijacking because of inadequate session management. An attacker on the same network as a logged-...

6.5AI score0.0019EPSS
Exploits0References4
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

Student Record System add-course.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the course-short, course-full, and cdate parameters in add-course.php. An attacker can exploit this...

6.5CVSS8.3AI score0.0021EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

Simple Cafe Ordering System add_to_cart File Cross Site Scripting Vulnerability

Simple Cafe Ordering System is a simple coffee ordering system. The Simple Cafe Ordering System suffers from a cross-site scripting vulnerability that arises from insufficient security filtering of the productname parameter in the /addtocart file. An attacker could use this vulnerability to execu...

5.4CVSS4.5AI score0.00218EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

Student Record System add-subject.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the sub1, sub2, sub3, sub4, and course-short parameters of add-subject.php. An attacker can exploit this...

6.5CVSS8.3AI score0.0021EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

Simple Online Hotel Reservation System add_query_reserve.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that stems from the /addqueryreserve.php file failing to effectively filter the roomid parameter. No details of the vulnerability a...

9.8CVSS8AI score0.00385EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.5 views

PT-2025-47319

Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A flaw exists in SourceCodester Student Grades Management System 1.0 related to the processing of the /grades.php file within the Add New Grade Page component. Manipulatio...

5.1CVSS5.6AI score0.00218EPSS
Exploits1References7
CVE
CVE
added 2025/11/17 10:54 p.m.22 views

CVE-2025-31361

CVE-2025-31361 describes a privilege-escalation issue in the Dell ControlVault3 WBDI Driver Broadcom Storage Adapter (WBIO_USH_ADD_RECORD) affecting Dell ControlVault3 prior to 5.15.14.19 and ControlVault3 Plus prior to 6.2.36.47. Cisco Talos reports that a specially crafted WinBioControlUnit cal...

8.7CVSS6.7AI score0.00213EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/17 10:51 p.m.1 views

EUVD-2025-197884

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

7.3CVSS6.4AI score0.00123EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/17 10:51 p.m.2 views

CVE-2025-36463 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

7.3CVSS6.4AI score0.00123EPSS
Exploits0References2
NVD
NVD
added 2025/11/17 10:15 p.m.5 views

CVE-2025-13302

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

9.8CVSS0.00333EPSS
Exploits1References5
Rows per page
Query Builder