11468 matches found
Projectworlds Gate Pass Management System SQL注入漏洞
Projectworlds Gate Pass Management System is a gate management system for Projectworlds. A SQL injection vulnerability exists in Projectworlds Gate Pass Management System version 1.0, which stems from an incorrect manipulation of the parameter fullname in the file /add-pass.php, which could lead ...
Code-Projects Courier Management System 安全漏洞
Courier Management System is a courier management system. The Courier Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Shippername in the file /add-courier.php. An attacker can exploit th...
Code-Projects Voting System 跨站脚本漏洞
Code-Projects Voting System is a Code-Projects open source election system. A cross-site scripting vulnerability exists in Code-Projects Voting System version 1.0, which stems from incorrect manipulation of the parameters Firstname/Lastname/Platform in the file /admin/votersadd.php, and could lea...
PT-2025-41371
Name of the Vulnerable Software and Affected Versions Slider Revolution plugin for WordPress versions prior to 6.7.38 Description The Slider Revolution plugin for WordPress is susceptible to unauthorized access and modification of data because of a missing capability check on several functions...
PT-2025-41455
Name of the Vulnerable Software and Affected Versions code-projects Courier Management System version 1.0 Description A flaw exists in code-projects Courier Management System 1.0. This issue is related to an unknown functionality within the /add-courier.php file. Manipulation of the Shippername...
PT-2025-41463
Name of the Vulnerable Software and Affected Versions ProjectWorlds Gate Pass Management System version 1.0 Description A SQL injection issue exists in the handling of the fullname parameter within the /add-pass.php script. Manipulation of this parameter can allow an attacker to inject malicious...
SUSE CVE-2022-50532
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd, if sasrphyadd returns error, sasrphyfree needs be called to free the resource allocated in sasenddevicealloc. Otherwise a kernel...
CVE-2025-11512 code-projects Voting System voters_add.php cross site scripting
A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...
EUVD-2025-33276
A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...
CVE-2025-11512 code-projects Voting System voters_add.php cross site scripting
A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/votersadd.php. The manipulation of the argument Firstname/Lastname/Platform results in cross site scripting. The attack can be executed remotely. The exploit has...
CVE-2025-11512
CVE-2025-11512 affects code-projects Voting System 1.0. The issue is a cross-site scripting vulnerability in the file /admin/voters_add.php caused by improper handling of the Firstname/Lastname/Platform parameters. It can be exploited remotely and the exploit has been made public. Affected versio...
SUSE CVE-2023-53674
In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devmclknotifierregister devmclknotifierregister allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocat...
CVE-2025-11511
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplieradd.php. Executing manipulation of the argument suppemail can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-11511
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplieradd.php. Executing manipulation of the argument suppemail can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-11509
A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/productadd.php. Performing manipulation of the argument prodname results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-11509
A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/productadd.php. Performing manipulation of the argument prodname results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-11508
A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/votersadd.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and...
CVE-2025-11511
CVE-2025-11511 affects the code-projects E-Commerce Website 1.0, specifically the file /pages/supplier_add.php. The vulnerability arises from insufficient validation/manipulation protection of the supp_email parameter, allowing SQL injection and enabling remote exploitation. Multiple sources note...
CVE-2025-11511 code-projects E-Commerce Website supplier_add.php sql injection
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplieradd.php. Executing manipulation of the argument suppemail can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-11511 code-projects E-Commerce Website supplier_add.php sql injection
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplieradd.php. Executing manipulation of the argument suppemail can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...