Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/04 3:30 p.m.8 views

CVE-2026-10815

A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknown processing of the file hostel/index.php of the component Admin Dashboard Page. The manipulation of the argument ID results in missing authorization...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server from 2026.1.6.0 to 2026.1.16.0, as well as versions prior to 2025.3.20.0, have security...

5.4CVSS5.8AI score0.00142EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/03/19 5:25 p.m.9 views

AVideo: IDOR - Any Admin Can Set Another User's Channel Password via setPassword.json.php

Summary The setPassword.json.php endpoint in the CustomizeUser plugin allows administrators to set a channel password for any user. Due to a logic error in how the submitted password value is processed, any password containing non-numeric characters is silently coerced to the integer zero before...

9.1CVSS5.8AI score0.00342EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/01/30 6:0 a.m.36 views

CVE-2026-1680 Local Privilege Escalation in Local Admin Service

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

8.5CVSS0.00204EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.5 views

Helmet Store Showroom Site SQL注入漏洞

Helmet Store Showroom Site is a platform by Carlo Montero Personal Developer. It allows potential customers of Inquiries Stores to virtually display helmet products. A security vulnerability exists in Helmet Store Showroom Site v1.0, which stems from a SQL injection on the login page and can be...

9.8CVSS8.4AI score0.0431EPSS
Exploits1References3
exploitpack
exploitpack
added 2002/12/14 12:0 a.m.16 views

MyPHPSoft MyPHPLinks 2.1.92.2 - SQL Injection Administration Bypassing

MyPHPSoft MyPHPLinks 2.1.92.2 - SQL Injection Administration Bypassing source: https://www.securityfocus.com/bid/6395/info MyPHPLinks is a freely available, open source PHP application distributed by MyPHPSoft. It is available for Unix, Linux, and Microsoft Windows operating systems. It has been...

0.3AI score
Exploits0
Rows per page
Query Builder