Lucene search
K

11468 matches found

CVE
CVE
added 2025/10/10 12:0 a.m.12 views

CVE-2025-60308

The CVE-2025-60308 pertains to code-projects Simple Online Hotel Reservation System 1.0, with a Cross-Site Scripting (XSS) vulnerability in the Add Room function. Malicious input in the Description field can leak the administrator’s cookie when room details are viewed, indicating potential creden...

4.1CVSS5.7AI score0.00236EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.4 views

PT-2025-41578

Name of the Vulnerable Software and Affected Versions code-projects Simple Online Hotel Reservation System version 1.0 Description The Simple Online Hotel Reservation System contains a Cross Site Scripting XSS issue within the Add Room function. Specifically, entering malicious JavaScript code in...

4.1CVSS6.2AI score0.00236EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33555

A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

7.5CVSS6.7AI score0.00395EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/09 9:31 p.m.5 views

EUVD-2025-33579

A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit ha...

6.5CVSS6.5AI score0.00359EPSS
Exploits1References6
OSV
OSV
added 2025/10/09 9:15 p.m.6 views

CVE-2025-11557

A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

9.8CVSS5.8AI score0.00395EPSS
Exploits1References4
NVD
NVD
added 2025/10/09 9:15 p.m.3 views

CVE-2025-11557

A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

9.8CVSS0.00395EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/10/09 9:2 p.m.3 views

CVE-2025-11557 projectworlds Gate Pass Management System add-pass.php sql injection

A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

7.5CVSS6.9AI score0.00395EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/10/09 9:2 p.m.9 views

CVE-2025-11557 projectworlds Gate Pass Management System add-pass.php sql injection

A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

7.5CVSS0.00395EPSS
Exploits1References4
CVE
CVE
added 2025/10/09 9:2 p.m.16 views

CVE-2025-11557

The CVE-2025-11557 entry affects ProjectWorlds Gate Pass Management System v1.0. The vulnerability lies in handling of the fullname parameter in /add-pass.php, enabling SQL injection. Multiple connected sources corroborate remote-exploit potential and public disclosure. Documented impacts indicat...

9.8CVSS6.9AI score0.00395EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/10/09 8:15 p.m.11 views

CVE-2025-11553

A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit ha...

9.8CVSS0.00359EPSS
Exploits1References5
OSV
OSV
added 2025/10/09 8:15 p.m.5 views

CVE-2025-11553

A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit ha...

9.8CVSS5.8AI score0.00359EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/09 7:32 p.m.2 views

CVE-2025-11553 code-projects Courier Management System add-courier.php sql injection

A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit ha...

6.5CVSS6.7AI score0.00359EPSS
Exploits1References5
CVE
CVE
added 2025/10/09 7:32 p.m.14 views

CVE-2025-11553

The CVE-2025-11553 entry concerns code-projects Courier Management System 1.0 and its /add-courier.php handler. Multiple connected sources describe a SQL injection vulnerability triggered by manipulating the Shippername parameter, exploitable remotely and publicly available. The root cause is lac...

9.8CVSS6.7AI score0.00359EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/09 7:32 p.m.8 views

CVE-2025-11553 code-projects Courier Management System add-courier.php sql injection

A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the argument Shippername can lead to sql injection. The attack can be launched remotely. The exploit ha...

6.5CVSS0.00359EPSS
Exploits1References5
NVD
NVD
added 2025/10/09 12:15 p.m.4 views

CVE-2025-10249

The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above...

6.5CVSS0.00346EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/09 11:20 a.m.3 views

CVE-2025-10249 Slider Revolution <= 6.7.37 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Read

The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above...

6.5CVSS4.9AI score0.00346EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/09 11:20 a.m.5 views

EUVD-2025-33332

The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attackers, with Contributor-level access and above...

6.5CVSS4.8AI score0.00346EPSS
Exploits0References3
OSV
OSV
added 2025/10/09 12:15 a.m.4 views

CVE-2025-11512

A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...

6.1CVSS4.2AI score0.00356EPSS
Exploits1References5
NVD
NVD
added 2025/10/09 12:15 a.m.6 views

CVE-2025-11512

A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...

6.1CVSS0.00356EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/09 12:14 a.m.9 views

CVE-2025-11417

A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/votersadd.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has be...

8.8CVSS6.4AI score0.00292EPSS
Exploits1References1
Rows per page
Query Builder