Lucene search
+L

162 matches found

Positive Technologies
Positive Technologies
added 2024/12/26 12:0 a.m.4 views

PT-2024-17830 · Unknown · 1000 Projects Portfolio Management System Mca

Name of the Vulnerable Software and Affected Versions: 1000 Projects Portfolio Management System MCA version 1.0 Description: A critical vulnerability was found in the 1000 Projects Portfolio Management System MCA. This issue affects the file /update personal details.php and can be exploited...

9.8CVSS8AI score0.00735EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2024/12/20 12:0 a.m.10 views

PT-2024-11008 · Monitorapp · Monitorapp Application Insight Web Application Firewall

Name of the Vulnerable Software and Affected Versions: MONITORAPP Application Insight Web Application Firewall AIWAF versions = 4.1.6 and = 5.0 Description: A reflected cross-site scripting issue was identified on the subpage "/process management/process status.xhr.php". This issue allows an...

6.1CVSS6.3AI score0.00233EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.5 views

PT-2024-36481 · Unknown · Online Nurse Hiring System

Name of the Vulnerable Software and Affected Versions: Online Nurse Hiring System version 1.0 Description: A SQL injection issue was discovered in the /admin/profile.php component through the fullname parameter. This allows for potential exploitation. Recommendations: For Online Nurse Hiring Syst...

7.2CVSS7.5AI score0.0057EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.7 views

PT-2024-36480 · Unknown · Online Nurse Hiring System

Name of the Vulnerable Software and Affected Versions: Online Nurse Hiring System version 1.0 Description: A stored cross-site scripting XSS issue in the /admin/profile.php component allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the fullname...

4.8CVSS5.9AI score0.00297EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.6 views

PT-2024-17621 · Unknown · Code-Projects Online Class/Exam Scheduling System

Name of the Vulnerable Software and Affected Versions: code-projects Online Class and Exam Scheduling System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /pages/subject update.php. The manipulation of the id argument leads to...

8.8CVSS7.3AI score0.00545EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.7 views

PT-2024-17366 · Unknown · Code-Projects Responsive Hotel Site

Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical issue has been found in the file /admin/room.php, where the manipulation of the troom argument leads to SQL injection. This issue can be exploited remotely...

8.8CVSS7.1AI score0.00646EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.4 views

PT-2024-17156 · Unknown · 1000 Projects Beauty Parlour Management System

Name of the Vulnerable Software and Affected Versions: 1000 Projects Beauty Parlour Management System version 1.0 Description: A critical issue has been found in the 1000 Projects Beauty Parlour Management System. This issue affects an unknown part of the file /admin/add-customer.php. The...

9.8CVSS7.9AI score0.00827EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.11 views

PT-2024-35785 · Unknown · Lafelabs Chaos

Name of the Vulnerable Software and Affected Versions: LafeLabs Chaos version 0.0.1 Description: A cross-site scripting XSS issue exists in the "/scroll.php" endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload. This could potentially lead to unauthorized...

5.4CVSS5.6AI score0.00265EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.9 views

PT-2024-9175 · Absysnet · Absysnet

Name of the Vulnerable Software and Affected Versions: AbsysNet version 2.3.1 Description: An IDOR Insecure Direct Object Reference vulnerability has been discovered, which could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifi...

7.8CVSS7.1AI score0.0087EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.6 views

PT-2024-34441 · Unknown · Kashipara E-Learning Management System Project

Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting XSS issue was found in the /admin/school year.php endpoint, specifically via the school year parameter. This allows remote attackers to...

5.4CVSS6.2AI score0.0038EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/11/03 12:0 a.m.6 views

PT-2024-16516 · Unknown · Datatables +1

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, affecting unknown code of the file admin/assets/plugins/DataTables/media/unit testing/templates/dom data two...

5.4CVSS4.3AI score0.00379EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/11/03 12:0 a.m.4 views

PT-2024-16499 · Unknown · Codezips Free Exam Hall Seating Management System

Name of the Vulnerable Software and Affected Versions: Codezips Free Exam Hall Seating Management System version 1.0 Description: A critical issue affects the processing of the file /student.php, where the manipulation of the email argument leads to SQL injection. The attack can be initiated...

9.8CVSS8.1AI score0.00587EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/11/03 12:0 a.m.5 views

PT-2024-16498 · Unknown · Projectworlds Life Insurance Management System

Name of the Vulnerable Software and Affected Versions: Project Worlds Life Insurance Management System version 1.0 Description: A critical issue has been found in the system, affecting the file /editNominee.php. The manipulation of the nominee id argument leads to SQL injection. The attack can be...

9.8CVSS8.1AI score0.00508EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.9 views

PT-2024-32997 · Pluxml · Pluxml

Name of the Vulnerable Software and Affected Versions: PluXml versions 5.8.16 and lower Description: A remote code execution issue in the /PluXml/core/admin/parametres edittpl.php component allows attackers to execute arbitrary code by injecting a crafted payload into a template. Recommendations:...

9.8CVSS8.4AI score0.00831EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2024/10/12 2:48 a.m.8 views

SUSE CVE-2024-47869

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response ti...

3.7CVSS6.7AI score0.00292EPSS
Exploits0References3
NVD
NVD
added 2024/10/10 11:15 p.m.20 views

CVE-2024-47869

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response ti...

3.7CVSS0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.6 views

PT-2024-7429 · Draytek · Draytek Vigor310

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor310 versions through 4.3.2.6 Description: The issue is related to a stack-based Buffer Overflow vulnerability in the /cgi-bin/ipfedr.cgi component of the DrayTek Vigor310 devices' web interface. This vulnerability can be exploite...

8CVSS7.7AI score0.00464EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/09/27 12:0 a.m.8 views

PT-2024-39539 · Unknown · Bg5Sbk Minicms

Name of the Vulnerable Software and Affected Versions: bg5sbk MiniCMS versions up to 1.11 Description: A vulnerability was found in bg5sbk MiniCMS, affecting some unknown processing of the file post-edit.php, leading to cross-site request forgery. The attack may be initiated remotely. The exploit...

6.9CVSS6.7AI score0.00336EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/09/17 12:0 a.m.5 views

PT-2024-31969 · Frog Cms · Frog Cms

Name of the Vulnerable Software and Affected Versions: FrogCMS version 0.9.5 Description: A Cross-Site Request Forgery CSRF issue was discovered in FrogCMS. The vulnerability can be exploited via the "/admin/?/plugin/file manager/create directory" endpoint. This allows an attacker to perform...

8.8CVSS6.4AI score0.00304EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/09/09 12:0 a.m.8 views

PT-2024-31220 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.1 Description: The issue is an arbitrary file read vulnerability. It affects the admin safe.php component. There is no information provided about the estimated number of potentially affected devices worldwide or real-world...

7.5CVSS7AI score0.00675EPSS
Exploits1References8
Rows per page
Query Builder