Lucene search
K

737 matches found

Vulnrichment
Vulnrichment
added 2025/06/07 6:0 p.m.7 views

CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

7.5CVSS7.2AI score0.00378EPSS
Exploits2References5
CVE
CVE
added 2025/06/07 6:0 p.m.68 views

CVE-2025-5840

SourceCodester Client Database Management System 1.0 contains a vulnerability in the file /user_update_customer_order.php where the uploaded_file parameter can be manipulated to achieve unrestricted file upload. This remote-access flaw could allow an attacker to upload arbitrary files, potentiall...

7.5CVSS7.2AI score0.00378EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2025/06/07 6:0 p.m.22 views

CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

7.5CVSS0.00378EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/06/07 12:0 a.m.8 views

PT-2025-24347 · Unknown · Sourcecodester Client Database Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Client Database Management System. This issue affects an unknown part of the file /user update customer...

7.5CVSS7.1AI score0.00378EPSS
Exploits2References13
RedhatCVE
RedhatCVE
added 2025/05/30 12:49 p.m.15 views

CVE-2025-5299

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

7.5CVSS7.1AI score0.00513EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/28 10:47 p.m.20 views

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

9.8CVSS7.3AI score0.00356EPSS
Exploits1References1
NVD
NVD
added 2025/05/28 12:15 p.m.11 views

CVE-2025-5299

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

7.5CVSS0.00513EPSS
Exploits1References5
CVE
CVE
added 2025/05/28 12:0 p.m.53 views

CVE-2025-5299

CVE-2025-5299 affects SourceCodester Client Database Management System v1.0. The vulnerability is in the file /user_order_customer_update.php, where manipulating the argument uploaded_file_cancelled enables unrestricted file upload. Exploitation is possible remotely and exploits have been disclos...

7.5CVSS7.3AI score0.00513EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/05/28 12:0 p.m.17 views

CVE-2025-5299 SourceCodester Client Database Management System user_order_customer_update.php unrestricted upload

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

7.5CVSS0.00513EPSS
Exploits1References5
NVD
NVD
added 2025/05/26 10:15 p.m.12 views

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

9.8CVSS0.00356EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/26 10:0 p.m.21 views

CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

5.8CVSS0.00356EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/05/26 10:0 p.m.7 views

CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

5.8CVSS7.3AI score0.00356EPSS
Exploits1References5
CVE
CVE
added 2025/05/26 10:0 p.m.60 views

CVE-2025-5207

CVE-2025-5207 affects SourceCodester Client Database Management System 1.0. The vulnerability is an SQL injection in the file /superadmin_update_profile.php triggered by manipulating the nickname/email parameters, potentially exploitable remotely. Multiple connected sources corroborate the issue’...

9.8CVSS5.2AI score0.00356EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.4 views

PT-2025-22937 · Unknown · Sourcecodester Client Database Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Client Database Management System. The issue affects an unknown functionality of the file /superadmin upda...

9.8CVSS5.4AI score0.00356EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/05/23 10:22 a.m.12 views

CVE-2024-7458

A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversa...

9.8CVSS6.9AI score0.00839EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:9 a.m.11 views

CVE-2024-27296

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...

5.3CVSS7.2AI score0.0057EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:47 a.m.17 views

CVE-2024-46990

Directus is a real-time API and App dashboard for managing SQL database content. When relying on blocking access to localhost using the default 0.0.0.0 filter a user may bypass this block by using other registered loopback devices like 127.0.0.2 - 127.127.127.127. This issue has been addressed in...

5CVSS5.4AI score0.00463EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:47 a.m.9 views

CVE-2023-4552

Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This...

7.1CVSS6.6AI score0.0037EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:56 a.m.20 views

CVE-2023-25910

A vulnerability has been identified in SIMATIC PCS 7 All versions V9.1 SP2 UC04, SIMATIC S7-PM All versions V5.7 SP1 HF1, SIMATIC S7-PM All versions V5.7 SP2 HF1, SIMATIC STEP 7 V5 All versions V5.7. The affected product contains a database management system that could allow remote users with low...

10CVSS7AI score0.01EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:24 p.m.13 views

CVE-2021-29625

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo...

7.5CVSS5.5AI score0.09572EPSS
Exploits1References1
Rows per page
Query Builder