11468 matches found
CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...
EUVD-2025-36084
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...
CVE-2025-12227
Projectworlds Gate Pass Management System 1.0 is affected by a cross-site scripting vulnerability in an unknown function within /add-pass.php. The issue can be exploited remotely, with public disclosure of the exploit noted in multiple feeds. The root cause is described as an unknown function in ...
CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...
Code-Projects E-Commerce Website 代码注入漏洞
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameters prodname/proddesc/prodcos in the file /pages/productadd.php, which can be exploite...
PT-2025-44058
Name of the Vulnerable Software and Affected Versions Willow CMS versions prior to 1.4.1 Description A flaw exists in Willow CMS that allows for unrestricted file uploads. This issue is present in a file located at /admin/images/add and involves an unknown function. Remote attackers can exploit...
PT-2025-44060
Name of the Vulnerable Software and Affected Versions Code-Projects E-Commerce Website version 1.0 Description A cross site scripting issue exists in Code-Projects E-Commerce Website version 1.0. The issue is related to the manipulation of the supp name/supp address arguments within the file...
PT-2025-44061
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 that allows for cross site scripting. The issue is located in the /pages/product add.php file. Manipulation of the prod name, prod...
PT-2025-44057
Name of the Vulnerable Software and Affected Versions Willow CMS versions prior to 1.4.1 Description A security flaw exists in Willow CMS that allows for cross site scripting. The issue is related to the processing of the file '/admin/articles/add' within the Add Post Page component. Manipulation...
PT-2025-43881
Name of the Vulnerable Software and Affected Versions projectworlds Gate Pass Management System version 1.0 Description A flaw exists in projectworlds Gate Pass Management System that allows for cross site scripting. The issue is located in an unknown function within the /add-pass.php file. This...
Code-Projects Online Event Judging System SQL注入漏洞
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...
Code-Projects E-Commerce Website 代码注入漏洞
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters suppname and suppaddress in the file /pages/supplieradd.php, which can be exploite...
PT-2025-43992
Name of the Vulnerable Software and Affected Versions code-projects Simple Food Ordering System version 1.0 Description A security flaw exists in code-projects Simple Food Ordering System 1.0. The issue affects unknown code within the /addproduct.php file. Manipulation of the pname/category/price...
PT-2025-43975
Name of the Vulnerable Software and Affected Versions ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System versions up to 1.1.0 Description A flaw exists in the Add Product Page component of the software, specifically affecting the file /admin/index.php?add product. This allows for...
Willow CMS 代码问题漏洞
Willow CMS is a content management system for mndeaves individual developers. A code issue vulnerability exists in Willow CMS version 1.4.0 and prior versions, which stems from the presence of an unrestricted upload function in the file /admin/images/add, which could lead to a remote attack...
projectworlds Gate Pass Management System 跨站脚本漏洞
Projectworlds Gate Pass Management System is an open source gate management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Gate Pass Management System, which originates from a cross-site scripting vulnerability in an unknown function in the fi...
PT-2025-43913
Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A flaw exists in code-projects Online Event Judging System that allows for SQL injection. This issue is related to the /add judge.php file and manipulation of the fullname...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-44935)
sctp: Fix null-ptr-deref in reuseportaddsock. A Null Pointer Dereference in reuseportaddsock while accessing sk2-skreuseportcb . The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47705)
In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blkaddpartition The blkaddpartition function initially used a single if-condition ISERRpart to check for errors when adding a partition. This was modified to handle the specific...
CVE-2025-10488
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to arbitrary file move due to insufficient file path validation in the addlistingaction AJAX action in all versions up to, and including, 8.4.8. This makes it possible for...