Lucene search
K

11465 matches found

Vulnrichment
Vulnrichment
added 2025/11/03 12:0 a.m.3 views

CVE-2025-63447

Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /addcustomer.php...

5.8AI score0.00232EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/03 12:0 a.m.8 views

CVE-2025-63447

Water Management System v1.0 is vulnerable to Cross Site Scripting XSS in /addcustomer.php...

0.00232EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/03 12:0 a.m.4 views

Water-Management-System 安全漏洞

Water-Management-System is an inventory management system by the individual developer Dikshant Naik. A security vulnerability exists in Water-Management-System version 1.0, which originates from a cross-site scripting vulnerability in the file /addcustomer.php...

6.1CVSS6.1AI score0.00232EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/02 9:30 a.m.6 views

EUVD-2025-37440

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...

5.8CVSS6.3AI score0.00411EPSS
Exploits1References6
NVD
NVD
added 2025/11/02 9:15 a.m.5 views

CVE-2025-12594

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...

7.2CVSS0.00411EPSS
Exploits1References5
OSV
OSV
added 2025/11/02 9:15 a.m.3 views

CVE-2025-12594

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...

7.2CVSS5.7AI score0.00411EPSS
Exploits1References5
CVE
CVE
added 2025/11/02 8:32 a.m.16 views

CVE-2025-12594

The CVE-2025-12594 entry concerns code-projects Simple Online Hotel Reservation System 2.0. A SQL injection vulnerability exists in the file /admin/add_account.php (parameter Name). Multiple connected sources confirm remote exploitation with the exploit publicly released, enabling an attacker to ...

7.2CVSS4.9AI score0.00411EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/11/02 8:32 a.m.12 views

CVE-2025-12594 code-projects Simple Online Hotel Reservation System add_account.php sql injection

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...

5.8CVSS0.00411EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/02 12:0 a.m.5 views

Code-Projects Simple Online Hotel Reservation System SQL注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file...

7.2CVSS5.7AI score0.00411EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/31 12:30 a.m.4 views

EUVD-2023-60052

Nagios Fusion versions prior to 4.2.0 contain a stored cross-site scripting XSS vulnerability in the LDAP/AD authentication-server configuration. Unsanitized user input can be stored and later rendered in the administrative UI, causing JavaScript to execute in the browser of any user who views th...

6.2CVSS5AI score0.00781EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/10/31 12:25 a.m.2 views

SUSE CVE-2025-40096

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drmschedjobaddresvdependencies When adding dependencies with drmschedjobadddependency, that function consumes the fence reference both on success and failure, so in the latter case the...

5.8CVSS6.7AI score0.00183EPSS
Exploits0References22
CNVD
CNVD
added 2025/10/31 12:0 a.m.2 views

E-Commerce Website supplier_add.php file cross-site scripting vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters suppname and suppaddress in the file /pages/supplieradd.php, which can be exploite...

6.1CVSS6AI score0.00356EPSS
Exploits1References1
CNVD
CNVD
added 2025/10/31 12:0 a.m.2 views

E-Commerce Website product_add.php File Cross-Site Scripting Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameters prodname/proddesc/prodcos in the file /pages/productadd.php, which can be exploite...

6.1CVSS6.3AI score0.00356EPSS
Exploits1References1
CNVD
CNVD
added 2025/10/31 12:0 a.m.3 views

Online Event Judging System add_contestant.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...

8.8CVSS7.1AI score0.00299EPSS
Exploits1References1
NVD
NVD
added 2025/10/30 11:15 a.m.4 views

CVE-2025-53880

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...

8.7CVSS0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/30 10:31 a.m.1 views

CVE-2025-53880 susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...

8.7CVSS6.6AI score0.00264EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/30 10:31 a.m.3 views

EUVD-2025-36998

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...

8.7CVSS6.5AI score0.00264EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 10:31 a.m.6 views

CVE-2025-53880 susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...

8.7CVSS0.00264EPSS
Exploits0References1
Fedora
Fedora
added 2025/10/30 4:36 a.m.5 views

[SECURITY] Fedora 42 Update: qt6-qtimageformats-6.9.3-1.fc42

The core Qt Gui library by default supports reading and writing image files of the most common file formats: PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt Image Formats add-on module provides optional support for other image file formats, including: MNG, TGA,...

9.4CVSS7AI score0.00204EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.4 views

PT-2025-44397

Name of the Vulnerable Software and Affected Versions tftpsync affected versions not specified Description A path traversal flaw exists in the tftpsync/add and tftpsync/delete scripts. A remote attacker on an adjacent network can potentially write or delete files on the filesystem with the...

8.7CVSS6.5AI score0.00264EPSS
Exploits0References5
Rows per page
Query Builder