11465 matches found
CVE-2024-44639
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...
CVE-2024-44640
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...
PT-2025-47058
Name of the Vulnerable Software and Affected Versions Simple Cafe Ordering System version 1.0 Description A security flaw exists in Simple Cafe Ordering System 1.0. The issue involves cross site scripting, potentially initiated remotely, through manipulation of the product name argument in the fi...
Code-Projects Simple Cafe Ordering System 代码注入漏洞
Simple Cafe Ordering System is a simple coffee ordering system. The Simple Cafe Ordering System suffers from a cross-site scripting vulnerability that arises from insufficient security filtering of the productname parameter in the /addtocart file. An attacker could use this vulnerability to execu...
CVE-2025-13181
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...
CVE-2025-13181
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...
CVE-2025-13181 pojoin h3blog add cross site scripting
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...
CVE-2025-13181
CVE-2025-13181 affects pojoin h3blog 1.0. The vulnerability is in an unknown function within the file /admin/cms/material/add, where manipulation of the Name argument can lead to cross-site scripting. It can be exploited remotely, and public exploits have been disclosed. Remediation guidance from...
CVE-2025-11777
Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11 fail to properly validate team membership permissions in the Add Channel Member API which allows users from one team to access user metadata and channel membership information from other teams via the API endpoint...
CVE-2025-13169
A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...
CVE-2024-44639
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...
CVE-2024-44640
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...
CVE-2024-44640
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...
CVE-2025-13169 code-projects Simple Online Hotel Reservation System add_query_reserve.php sql injection
A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...
CVE-2025-13169
CVE-2025-13169 affects the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the file /add_query_reserve.php caused by unsafely handling the room_id parameter, allowing remote exploitation. Public disclosures exist, and multiple sources (CNVD, RH, CNNVD, NVD, CV...
SUSE CVE-2025-40132
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
h3blog 跨站脚本漏洞
h3blog is a creation-focused light blogging system by H.C.Q's individual developers. A code injection vulnerability exists in version 1.0 of h3blog, which stems from the incorrect operation of the parameter Name in the file /admin/cms/material/add, and could lead to a cross-site scripting attack...
CVE-2024-44640
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...
PHPGurukul Student Record System 安全漏洞
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the sub1, sub2, sub3, sub4, and course-short parameters of add-subject.php. An attacker can exploit this...
CVE-2024-44639
PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...