11465 matches found
CVE-2025-63447
Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /addcustomer.php...
CVE-2025-63447
Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /addcustomer.php...
Water-Management-System 安全漏洞
Water-Management-System is an inventory management system by the individual developer Dikshant Naik. A security vulnerability exists in Water-Management-System version 1.0, which originates from a cross-site scripting vulnerability in the file /addcustomer.php...
EUVD-2025-37440
A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...
CVE-2025-12594
A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...
CVE-2025-12594
A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...
CVE-2025-12594
The CVE-2025-12594 entry concerns code-projects Simple Online Hotel Reservation System 2.0. A SQL injection vulnerability exists in the file /admin/add_account.php (parameter Name). Multiple connected sources confirm remote exploitation with the exploit publicly released, enabling an attacker to ...
CVE-2025-12594 code-projects Simple Online Hotel Reservation System add_account.php sql injection
A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...
Code-Projects Simple Online Hotel Reservation System SQL注入漏洞
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file...
EUVD-2023-60052
Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting XSS vulnerability in the LDAP/AD authentication-server configuration. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views th...
SUSE CVE-2025-40096
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drmschedjobaddresvdependencies When adding dependencies with drmschedjobadddependency, that function consumes the fence reference both on success and failure, so in the latter case the...
E-Commerce Website supplier_add.php file cross-site scripting vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters suppname and suppaddress in the file /pages/supplieradd.php, which can be exploite...
E-Commerce Website product_add.php File Cross-Site Scripting Vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameters prodname/proddesc/prodcos in the file /pages/productadd.php, which can be exploite...
Online Event Judging System add_contestant.php File SQL Injection Vulnerability
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...
CVE-2025-53880
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...
CVE-2025-53880 susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...
EUVD-2025-36998
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...
CVE-2025-53880 susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...
[SECURITY] Fedora 42 Update: qt6-qtimageformats-6.9.3-1.fc42
The core Qt Gui library by default supports reading and writing image files of the most common file formats: PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt Image Formats add-on module provides optional support for other image file formats, including: MNG, TGA,...
PT-2025-44397
Name of the Vulnerable Software and Affected Versions tftpsync affected versions not specified Description A path traversal flaw exists in the tftpsync/add and tftpsync/delete scripts. A remote attacker on an adjacent network can potentially write or delete files on the filesystem with the...