Lucene search
K

11462 matches found

CNNVD
CNNVD
added 2025/11/17 12:0 a.m.4 views

Dell ControlVault3和Dell ControlVault3 Plus 安全漏洞

Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions from Dell USA. A security vulnerability exists in Dell ControlVault3 versions prior to 5.15.14.19 and Dell ControlVault3 Plus versions prior to 6.2.36.47, which stems from an elevation of privilege...

8.7CVSS6.7AI score0.00213EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.5 views

Projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from incorrect manipulation of the parameter Username in the file...

8.8CVSS6.9AI score0.00307EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.3 views

Code-Projects Courier Management System SQL注入漏洞

Courier Management System is a courier management system. Courier Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ManagerName in the file /add-new-officer.php. An attacker can exploit this...

9.8CVSS5.9AI score0.00333EPSS
Exploits1References6
CVE
CVE
added 2025/11/16 11:32 p.m.13 views

CVE-2025-13253

CVE-2025-13253 affects projectworlds Advanced Library Management System 1.0. A SQL injection vulnerability exists in the /add_librarian.php file due to manipulation of the Username parameter. This can be exploited remotely and the exploit has been publicly disclosed. Multiple sources corroborate ...

8.8CVSS6.6AI score0.00307EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/16 5:47 p.m.9 views

CVE-2025-13202

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /addtocart. Performing manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.4CVSS5.7AI score0.00218EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.4 views

PT-2025-47094

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0 that allows for SQL injection. This issue is located in the /add librarian.php file, where...

6.5CVSS6.9AI score0.00307EPSS
Exploits1References7
NVD
NVD
added 2025/11/15 7:15 p.m.3 views

CVE-2025-13210

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the argument PROMODEL leads to sql injection. The attack may be performed from remote. The exploit has...

9.8CVSS0.00303EPSS
Exploits1References5
EUVD
EUVD
added 2025/11/15 6:30 p.m.3 views

EUVD-2025-197703

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /addtocart. Performing manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.1CVSS5.3AI score0.00218EPSS
Exploits1References6
NVD
NVD
added 2025/11/15 5:15 p.m.7 views

CVE-2025-13202

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /addtocart. Performing manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.4CVSS0.00218EPSS
Exploits1References5
OSV
OSV
added 2025/11/15 5:15 p.m.3 views

CVE-2025-13202

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /addtocart. Performing manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.4CVSS4.3AI score0.00218EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/15 5:2 p.m.8 views

CVE-2025-13202 code-projects Simple Cafe Ordering System add_to_cart cross site scripting

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /addtocart. Performing manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.1CVSS0.00218EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/15 5:2 p.m.3 views

CVE-2025-13202 code-projects Simple Cafe Ordering System add_to_cart cross site scripting

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /addtocart. Performing manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.1CVSS5.4AI score0.00218EPSS
Exploits1References5
CVE
CVE
added 2025/11/15 5:2 p.m.14 views

CVE-2025-13202

The CVE-2025-13202 entry concerns code-projects Simple Cafe Ordering System 1.0. A cross-site scripting vulnerability exists in the /add_to_cart mechanism, triggered by manipulating the product_name parameter in that file. The vulnerability is described as exploitable remotely, and public exploit...

5.4CVSS3.9AI score0.00218EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/15 12:47 a.m.12 views

CVE-2024-44639

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...

6.5CVSS8AI score0.0021EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/15 12:47 a.m.11 views

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

6.5CVSS8AI score0.0021EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/15 12:0 a.m.7 views

PT-2025-47058

Name of the Vulnerable Software and Affected Versions Simple Cafe Ordering System version 1.0 Description A security flaw exists in Simple Cafe Ordering System 1.0. The issue involves cross site scripting, potentially initiated remotely, through manipulation of the product name argument in the fi...

5.1CVSS5.7AI score0.00218EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/11/15 12:0 a.m.3 views

Code-Projects Simple Cafe Ordering System 代码注入漏洞

Simple Cafe Ordering System is a simple coffee ordering system. The Simple Cafe Ordering System suffers from a cross-site scripting vulnerability that arises from insufficient security filtering of the productname parameter in the /addtocart file. An attacker could use this vulnerability to execu...

5.4CVSS4.5AI score0.00218EPSS
Exploits1References6
NVD
NVD
added 2025/11/14 8:15 p.m.4 views

CVE-2025-13181

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

5.1CVSS0.00222EPSS
Exploits1References5
OSV
OSV
added 2025/11/14 8:15 p.m.1 views

CVE-2025-13181

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

4.8CVSS4.2AI score0.00222EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/14 8:2 p.m.2 views

CVE-2025-13181 pojoin h3blog add cross site scripting

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

5.1CVSS3.4AI score0.00222EPSS
Exploits1References5
Rows per page
Query Builder