Lucene search
K

11467 matches found

OSV
OSV
added 2025/10/27 3:45 p.m.4 views

JLSEC-2025-189 An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access...

An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory...

7.5CVSS7AI score0.00914EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/27 3:32 p.m.8 views

CVE-2025-12291 ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted upload

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS0.00276EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/27 3:32 p.m.2 views

CVE-2025-12291 ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted upload

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS6AI score0.00276EPSS
Exploits0References4
CVE
CVE
added 2025/10/27 3:32 p.m.11 views

CVE-2025-12291

Summary (CVE-2025-12291) ashymuzuro’s Full-Ecommece-Website and Muzuro Ecommerce System (up to 1.1.0) contain an unrestricted upload flaw in the Add Product Page at /admin/index.php?add_product. The root cause is an input/validation issue that allows remote attackers to upload arbitrary files, en...

5.8CVSS4.6AI score0.00276EPSS
Exploits0References4
Hacker One
Hacker One
added 2025/10/27 3:0 p.m.8 views

Revive Adserver: Information Disclosure via “Add user” lookup in Account Management (User Access)

Version: ==revive-adserver 6.0.0== Flow Administrator Account ├── Management 1 │ ├── User A1 │ └── User A2 └── Management 2 ├── User B1 leak email, contacname └── User B2 leak email, contacname Summary: When a user under Management 1 navigates to User Access → Add user and enters a username, the...

4.3CVSS6.7AI score0.00252EPSS
Exploits1
NVD
NVD
added 2025/10/27 9:15 a.m.4 views

CVE-2025-12255

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...

8.8CVSS0.00299EPSS
Exploits1References5
OSV
OSV
added 2025/10/27 9:15 a.m.1 views

CVE-2025-12255

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...

8.8CVSS5.7AI score
Exploits0References5
OSV
OSV
added 2025/10/27 9:15 a.m.5 views

CVE-2025-12254

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

8.8CVSS5.8AI score0.00299EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 9:2 a.m.9 views

CVE-2025-12255

CVE-2025-12255 affects code-projects Online Event Judging System 1.0. A SQL injection flaw originates from the lack of validation of the fullname parameter in /add_contestant.php. The vulnerability allows remote execution of arbitrary SQL commands and may lead to data theft or modification; an ex...

8.8CVSS6.5AI score0.00299EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/27 9:2 a.m.3 views

CVE-2025-12255 code-projects Online Event Judging System add_contestant.php sql injection

A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /addcontestant.php. Performing manipulation of the argument fullname results in sql injection. Remote exploitation of the attack is possible. The exploit has been release...

6.5CVSS6.3AI score0.00299EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 9:2 a.m.3 views

CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

6.5CVSS6.4AI score0.00299EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/27 9:2 a.m.11 views

CVE-2025-12254 code-projects Online Event Judging System add_judge.php sql injection

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

6.5CVSS0.00299EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/27 9:2 a.m.6 views

EUVD-2025-36137

A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /addjudge.php. Such manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

6.5CVSS6.6AI score0.00299EPSS
Exploits1References7
OSV
OSV
added 2025/10/27 6:15 a.m.4 views

CVE-2025-12227

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.4CVSS4AI score0.00224EPSS
Exploits1References4
NVD
NVD
added 2025/10/27 6:15 a.m.8 views

CVE-2025-12227

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.4CVSS0.00224EPSS
Exploits1References4
Snyk
Snyk
added 2025/10/27 6:11 a.m.1 views

Malicious Package

Overview add-module-exports is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/27 6:11 a.m.3 views

EUVD-2025-36095

Malicious code in add-module-exports npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/27 6:11 a.m.4 views

Malicious code in add-module-exports (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c839bfd4379fee1d18fbca3447b73a811fda655fedf4480f2593d5d75149a421 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
OSV
OSV
added 2025/10/27 6:11 a.m.3 views

MAL-2025-48773 Malicious code in add-module-exports (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c839bfd4379fee1d18fbca3447b73a811fda655fedf4480f2593d5d75149a421 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
Cvelist
Cvelist
added 2025/10/27 5:32 a.m.11 views

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.1CVSS0.00224EPSS
Exploits1References4
Rows per page
Query Builder