Lucene search
K

11465 matches found

RedhatCVE
RedhatCVE
added 2025/11/15 12:47 a.m.12 views

CVE-2024-44639

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...

6.5CVSS8AI score0.0021EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/15 12:47 a.m.12 views

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

6.5CVSS8AI score0.0021EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/15 12:0 a.m.7 views

PT-2025-47058

Name of the Vulnerable Software and Affected Versions Simple Cafe Ordering System version 1.0 Description A security flaw exists in Simple Cafe Ordering System 1.0. The issue involves cross site scripting, potentially initiated remotely, through manipulation of the product name argument in the fi...

5.1CVSS5.7AI score0.00218EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/11/15 12:0 a.m.3 views

Code-Projects Simple Cafe Ordering System 代码注入漏洞

Simple Cafe Ordering System is a simple coffee ordering system. The Simple Cafe Ordering System suffers from a cross-site scripting vulnerability that arises from insufficient security filtering of the productname parameter in the /addtocart file. An attacker could use this vulnerability to execu...

5.4CVSS4.5AI score0.00218EPSS
Exploits1References6
NVD
NVD
added 2025/11/14 8:15 p.m.4 views

CVE-2025-13181

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

5.1CVSS0.00222EPSS
Exploits1References5
OSV
OSV
added 2025/11/14 8:15 p.m.1 views

CVE-2025-13181

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

4.8CVSS4.2AI score0.00222EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/14 8:2 p.m.2 views

CVE-2025-13181 pojoin h3blog add cross site scripting

A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclos...

5.1CVSS3.4AI score0.00222EPSS
Exploits1References5
CVE
CVE
added 2025/11/14 8:2 p.m.11 views

CVE-2025-13181

CVE-2025-13181 affects pojoin h3blog 1.0. The vulnerability is in an unknown function within the file /admin/cms/material/add, where manipulation of the Name argument can lead to cross-site scripting. It can be exploited remotely, and public exploits have been disclosed. Remediation guidance from...

5.1CVSS3.4AI score0.00222EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/14 6:2 p.m.6 views

CVE-2025-11777

Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11 fail to properly validate team membership permissions in the Add Channel Member API which allows users from one team to access user metadata and channel membership information from other teams via the API endpoint...

4.3CVSS6.7AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/11/14 4:15 p.m.9 views

CVE-2025-13169

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...

9.8CVSS0.00385EPSS
Exploits1References5
NVD
NVD
added 2025/11/14 4:15 p.m.4 views

CVE-2024-44639

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...

6.5CVSS0.0021EPSS
Exploits1References2
NVD
NVD
added 2025/11/14 4:15 p.m.4 views

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

6.5CVSS0.0021EPSS
Exploits1References2
OSV
OSV
added 2025/11/14 4:15 p.m.3 views

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

6.5CVSS5.8AI score0.0021EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/14 3:32 p.m.4 views

CVE-2025-13169 code-projects Simple Online Hotel Reservation System add_query_reserve.php sql injection

A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /addqueryreserve.php. Such manipulation of the argument roomid leads to sql injection. The attack can be executed remotely. The exploit has...

7.5CVSS7.3AI score0.00385EPSS
Exploits1References5
CVE
CVE
added 2025/11/14 3:32 p.m.17 views

CVE-2025-13169

CVE-2025-13169 affects the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the file /add_query_reserve.php caused by unsafely handling the room_id parameter, allowing remote exploitation. Public disclosures exist, and multiple sources (CNVD, RH, CNNVD, NVD, CV...

9.8CVSS7.3AI score0.00385EPSS
Exploits1References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/11/14 12:25 a.m.5 views

SUSE CVE-2025-40132

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...

5.5CVSS6.6AI score0.00172EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.3 views

h3blog 跨站脚本漏洞

h3blog is a creation-focused light blogging system by H.C.Q's individual developers. A code injection vulnerability exists in version 1.0 of h3blog, which stems from the incorrect operation of the parameter Name in the file /admin/cms/material/add, and could lead to a cross-site scripting attack...

5.1CVSS5.7AI score0.00222EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/14 12:0 a.m.3 views

CVE-2024-44640

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the course-short, course-full, and cdate parameters in add-course.php...

7.6AI score0.0021EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.7 views

PHPGurukul Student Record System 安全漏洞

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the sub1, sub2, sub3, sub4, and course-short parameters of add-subject.php. An attacker can exploit this...

6.5CVSS8.1AI score0.0021EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/14 12:0 a.m.6 views

CVE-2024-44639

PHPGurukul Student Record System 3.20 is vulnerable to SQL Injection via the sub1, sub2, sub3, sub4, and course-short parameters in add-subject.php...

0.0021EPSS
Exploits1References2
Rows per page
Query Builder