Lucene search
K

11465 matches found

OSV
OSV
added 2025/10/27 11:15 p.m.4 views

CVE-2025-12334

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

6.1CVSS4.3AI score0.00356EPSS
Exploits1References5
OSV
OSV
added 2025/10/27 11:15 p.m.4 views

CVE-2025-12333

A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

6.1CVSS4.1AI score
Exploits0References5
Cvelist
Cvelist
added 2025/10/27 10:32 p.m.6 views

CVE-2025-12334 code-projects E-Commerce Website product_add.php cross site scripting

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

5.3CVSS0.00356EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 10:32 p.m.3 views

CVE-2025-12334 code-projects E-Commerce Website product_add.php cross site scripting

A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...

5.3CVSS3.9AI score0.00356EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 10:32 p.m.13 views

CVE-2025-12334

CVE-2025-12334 concerns code-projects E-Commerce Website 1.0. The vulnerability is in the /pages/product_add.php file, where manipulating prod_name, prod_desc, or prod_cost enables cross-site scripting. It can be triggered remotely, and multiple sources indicate the exploit has been made public. ...

6.1CVSS4.1AI score0.00356EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/27 10:32 p.m.7 views

CVE-2025-12333 code-projects E-Commerce Website supplier_add.php cross site scripting

A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS0.00356EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 10:32 p.m.3 views

CVE-2025-12333 code-projects E-Commerce Website supplier_add.php cross site scripting

A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplieradd.php. The manipulation of the argument suppname/suppaddress leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

5.3CVSS3.9AI score0.00356EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 10:32 p.m.14 views

CVE-2025-12333

Code-Projects E-Commerce Website 1.0 has a cross-site scripting vulnerability in /pages/supplier_add.php. The issue stems from lack of input filtering/escaping for the supp_name and supp_address parameters, enabling remote injection of arbitrary scripts. Exploitation is possible remotely and the ...

6.1CVSS4AI score0.00356EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/10/27 10:15 p.m.5 views

CVE-2025-12331

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...

7.2CVSS0.0035EPSS
Exploits1References5
OSV
OSV
added 2025/10/27 10:15 p.m.4 views

CVE-2025-12330

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

4.8CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2025/10/27 10:15 p.m.5 views

CVE-2025-12331

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...

7.2CVSS6.6AI score
Exploits0References5
Cvelist
Cvelist
added 2025/10/27 10:2 p.m.9 views

CVE-2025-12331 Willow CMS add unrestricted upload

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...

5.8CVSS0.0035EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 10:2 p.m.3 views

CVE-2025-12331 Willow CMS add unrestricted upload

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited...

5.8CVSS4.7AI score0.0035EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 10:2 p.m.3 views

CVE-2025-12330 Willow CMS Add Post add cross site scripting

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

4.8CVSS2.9AI score0.00246EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 10:2 p.m.12 views

CVE-2025-12330

CVE-2025-12330 affects Willow CMS up to 1.4.0. The vulnerability stems from improper handling of parameters in /admin/articles/add (Add Post Page), where manipulation of title/body leads to cross-site scripting. Exploitation can be remote, and public exploits exist. Impact is limited to the descr...

4.8CVSS3.3AI score0.00246EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/27 10:2 p.m.8 views

CVE-2025-12330 Willow CMS Add Post add cross site scripting

A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit h...

4.8CVSS0.00246EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/27 6:31 p.m.5 views

EUVD-2025-36200

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS4.5AI score0.00276EPSS
Exploits0References5
NVD
NVD
added 2025/10/27 4:15 p.m.10 views

CVE-2025-12291

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS0.00276EPSS
Exploits0References4
OSV
OSV
added 2025/10/27 3:45 p.m.4 views

JLSEC-2025-189 An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access...

An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory...

7.5CVSS7AI score0.00914EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/27 3:32 p.m.8 views

CVE-2025-12291 ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted upload

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS0.00276EPSS
Exploits0References4
Rows per page
Query Builder