11426 matches found
CVE-2019-25661 Remote Process Explorer 1.0.0.16 Local Buffer Overflow DoS
Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...
CVE-2019-25661 Remote Process Explorer 1.0.0.16 Local Buffer Overflow DoS
Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...
CVE-2026-5580
A vulnerability was identified in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/addvideos.php of the component Parameter Handler. The manipulation of the argument videotitle leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2026-5576
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5576
SourceCodester/jkev Record Management System 1.0 contains a flaw in Add Employee page, specifically in save_emp.php that allows unrestricted file upload. The issue enables remote exploitation; exploit code is reported as available. The CVSS-derived data indicate network access, low to moderate im...
CVE-2026-5576 SourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted upload
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-5576 SourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted upload
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file saveemp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
EUVD-2026-19040
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...
CVE-2026-5546
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...
CVE-2026-5546
CVE-2026-5546 affects Campcodes Complete Online Learning Management System 1.0; the flaw is in Crud_model.php add_lesson, where a manipulation leads to unrestricted file uploads. The issue can be triggered remotely, and the exploit has been published. No remediation details are provided in the av...
CVE-2026-5546 Campcodes Complete Online Learning Management System Crud_model.php add_lesson unrestricted upload
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...
CVE-2026-5546
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...
CVE-2026-5546 Campcodes Complete Online Learning Management System Crud_model.php add_lesson unrestricted upload
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function addlesson of the file /application/models/Crudmodel.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and ma...
PT-2026-30417
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function add lesson of the file /application/models/Crud model.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit has been published and...
PT-2026-30445
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file save emp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has...
LizardSystems Remote Process Explorer 缓冲区错误漏洞
LizardSystems Remote Process Explorer is a remote process management tool developed by LizardSystems. Version 1.0.0.16 of Remote Process Explorer contains a buffer overflow vulnerability. This vulnerability stems from a local buffer overflow in the “Add Computer” dialog box, which could allow...
PT-2026-30470
Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...
CampCodes Complete Online Learning Management System 代码问题漏洞
CampCodes Complete Online Learning Management System is an online learning system developed by the Philippine company CampCodes. Version 1.0 of the Campcodes Complete Online Learning Management System has a code vulnerability. This vulnerability stems from improper upload restrictions in the...
Incorrect Authorization
Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Incorrect Authorization via the storagefolder configuration option, which allows a user with SETTINGS and ADD permissions to redirect downloads to the Flask...
pyLoad: Unprotected storage_folder enables arbitrary file write to Flask session store and code execution (Incomplete fix for CVE-2026-33509)
Summary The fix for CVE-2026-33509 GHSA-r7mc-x6x7-cqxx added an ADMINONLYOPTIONS set to block non-admin users from modifying security-critical config options. The storagefolder option is not in this set and passes the existing path restriction because the Flask session directory is outside both...