Lucene search
K

11462 matches found

EUVD
EUVD
added 2025/11/17 10:51 p.m.1 views

EUVD-2025-197884

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

7.3CVSS6.4AI score0.00123EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/17 10:51 p.m.2 views

CVE-2025-36463 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

7.3CVSS6.4AI score0.00123EPSS
Exploits0References2
NVD
NVD
added 2025/11/17 10:15 p.m.5 views

CVE-2025-13302

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

9.8CVSS0.00333EPSS
Exploits1References5
OSV
OSV
added 2025/11/17 10:15 p.m.3 views

CVE-2025-13302

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

9.8CVSS5.8AI score0.00333EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/17 9:32 p.m.9 views

CVE-2025-13302 code-projects Courier Management System add-new-officer.php sql injection

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

5.8CVSS0.00333EPSS
Exploits1References5
CVE
CVE
added 2025/11/17 9:32 p.m.7 views

CVE-2025-13302

Summary (validated by connected sources): The Courier Management System 1.0 is affected by a SQL injection in the file /add-new-officer.php, triggered by manipulating the ManagerName parameter. This vulnerability is remotely exploitable, and multiple sources report public exploitation details. Im...

9.8CVSS5.3AI score0.00333EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/17 9:32 p.m.8 views

CVE-2025-13302 code-projects Courier Management System add-new-officer.php sql injection

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

5.8CVSS5.2AI score0.00333EPSS
Exploits1References5
EUVD
EUVD
added 2025/11/17 9:32 p.m.4 views

EUVD-2025-197877

A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...

5.8CVSS5AI score0.00333EPSS
Exploits1References6
OSV
OSV
added 2025/11/17 4:15 p.m.4 views

CVE-2025-63748

QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...

8.8CVSS5.9AI score0.00378EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/17 3:30 a.m.4 views

EUVD-2025-197738

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

6.5CVSS6.7AI score0.00307EPSS
Exploits1References5
NVD
NVD
added 2025/11/17 1:15 a.m.4 views

CVE-2025-13254

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

8.8CVSS0.00307EPSS
Exploits1References4
EUVD
EUVD
added 2025/11/17 12:30 a.m.4 views

EUVD-2025-197733

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /addlibrarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

6.5CVSS6.5AI score0.00307EPSS
Exploits1References6
OSV
OSV
added 2025/11/17 12:15 a.m.5 views

CVE-2025-13253

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /addlibrarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

8.8CVSS5.7AI score0.00307EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/17 12:2 a.m.9 views

CVE-2025-13254 projectworlds Advanced Library Management System add_member.php sql injection

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

6.5CVSS0.00307EPSS
Exploits1References4
CVE
CVE
added 2025/11/17 12:2 a.m.11 views

CVE-2025-13254

CVE-2025-13254 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the unknown code path of /add_member.php where manipulation of the roll_number parameter enables SQL injection. Exploitation may be remote and public exploitation is indicated by the sources. The ...

8.8CVSS6.5AI score0.00307EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/17 12:2 a.m.4 views

CVE-2025-13254 projectworlds Advanced Library Management System add_member.php sql injection

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

6.5CVSS6.5AI score0.00307EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/17 12:0 a.m.8 views

CVE-2025-63748

QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...

0.00378EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.8 views

PT-2025-47158

Name of the Vulnerable Software and Affected Versions QaTraq version 6.9.2 Description Authenticated users can upload arbitrary files through the "Add Attachment" feature within the "Test Script" module. The application does not restrict file types, allowing the upload of executable PHP files...

8.8CVSS7AI score0.00378EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.6 views

PT-2025-47209

Name of the Vulnerable Software and Affected Versions code-projects Courier Management System version 1.0 Description A flaw exists in code-projects Courier Management System 1.0 that allows for remote code execution. The issue is located in the file /add-new-officer.php. Manipulation of the...

5.8CVSS8.1AI score0.00333EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2025/11/17 12:0 a.m.2 views

CVE-2025-63748

QaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The application fails to restrict file types, enabling the upload of executable PHP files. Once uploaded, the file can be accessed through the "View Attachment" option,...

6.6AI score0.00378EPSS
Exploits1References2
Rows per page
Query Builder