Lucene search
K

11468 matches found

Cvelist
Cvelist
added 2025/10/27 5:32 a.m.11 views

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.1CVSS0.00224EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/27 5:32 a.m.7 views

EUVD-2025-36084

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be...

5.1CVSS5.2AI score0.00224EPSS
Exploits1References5
CVE
CVE
added 2025/10/27 5:32 a.m.12 views

CVE-2025-12227

Projectworlds Gate Pass Management System 1.0 is affected by a cross-site scripting vulnerability in an unknown function within /add-pass.php. The issue can be exploited remotely, with public disclosure of the exploit noted in multiple feeds. The root cause is described as an unknown function in ...

5.4CVSS3.3AI score0.00224EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/27 5:32 a.m.2 views

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.1CVSS3.3AI score0.00224EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

Code-Projects E-Commerce Website 代码注入漏洞

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameters prodname/proddesc/prodcos in the file /pages/productadd.php, which can be exploite...

6.1CVSS6.1AI score0.00356EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.4 views

PT-2025-44058

Name of the Vulnerable Software and Affected Versions Willow CMS versions prior to 1.4.1 Description A flaw exists in Willow CMS that allows for unrestricted file uploads. This issue is present in a file located at /admin/images/add and involves an unknown function. Remote attackers can exploit...

5.8CVSS5.1AI score0.0035EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.7 views

PT-2025-44060

Name of the Vulnerable Software and Affected Versions Code-Projects E-Commerce Website version 1.0 Description A cross site scripting issue exists in Code-Projects E-Commerce Website version 1.0. The issue is related to the manipulation of the supp name/supp address arguments within the file...

6.1CVSS4.3AI score0.00356EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.6 views

PT-2025-44061

Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0 that allows for cross site scripting. The issue is located in the /pages/product add.php file. Manipulation of the prod name, prod...

6.1CVSS3.9AI score0.00356EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-44057

Name of the Vulnerable Software and Affected Versions Willow CMS versions prior to 1.4.1 Description A security flaw exists in Willow CMS that allows for cross site scripting. The issue is related to the processing of the file '/admin/articles/add' within the Add Post Page component. Manipulation...

4.8CVSS2.9AI score0.00246EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.8 views

PT-2025-43881

Name of the Vulnerable Software and Affected Versions projectworlds Gate Pass Management System version 1.0 Description A flaw exists in projectworlds Gate Pass Management System that allows for cross site scripting. The issue is located in an unknown function within the /add-pass.php file. This...

5.4CVSS5.1AI score0.00224EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.2 views

Code-Projects Online Event Judging System SQL注入漏洞

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...

8.8CVSS8.2AI score0.00299EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Code-Projects E-Commerce Website 代码注入漏洞

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters suppname and suppaddress in the file /pages/supplieradd.php, which can be exploite...

6.1CVSS5.9AI score0.00356EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.4 views

PT-2025-43992

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Ordering System version 1.0 Description A security flaw exists in code-projects Simple Food Ordering System 1.0. The issue affects unknown code within the /addproduct.php file. Manipulation of the pname/category/price...

6.1CVSS3.9AI score0.00356EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43975

Name of the Vulnerable Software and Affected Versions ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System versions up to 1.1.0 Description A flaw exists in the Add Product Page component of the software, specifically affecting the file /admin/index.php?add product. This allows for...

5.8CVSS6AI score0.00276EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

Willow CMS 代码问题漏洞

Willow CMS is a content management system for mndeaves individual developers. A code issue vulnerability exists in Willow CMS version 1.4.0 and prior versions, which stems from the presence of an unrestricted upload function in the file /admin/images/add, which could lead to a remote attack...

7.2CVSS5.2AI score0.0035EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

projectworlds Gate Pass Management System 跨站脚本漏洞

Projectworlds Gate Pass Management System is an open source gate management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Gate Pass Management System, which originates from a cross-site scripting vulnerability in an unknown function in the fi...

5.4CVSS5.7AI score0.00224EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.9 views

PT-2025-43913

Name of the Vulnerable Software and Affected Versions code-projects Online Event Judging System version 1.0 Description A flaw exists in code-projects Online Event Judging System that allows for SQL injection. This issue is related to the /add judge.php file and manipulation of the fullname...

8.8CVSS6.9AI score0.00299EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.4 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-44935)

sctp: Fix null-ptr-deref in reuseportaddsock. A Null Pointer Dereference in reuseportaddsock while accessing sk2-skreuseportcb . The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen...

5.5CVSS6.9AI score0.00226EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.8 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47705)

In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blkaddpartition The blkaddpartition function initially used a single if-condition ISERRpart to check for errors when adding a partition. This was modified to handle the specific...

5.5CVSS6.3AI score0.00217EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/26 7:16 a.m.9 views

CVE-2025-10488

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to arbitrary file move due to insufficient file path validation in the addlistingaction AJAX action in all versions up to, and including, 8.4.8. This makes it possible for...

8.1CVSS7.5AI score0.00831EPSS
Exploits0References1
Rows per page
Query Builder