Lucene search
+L

162 matches found

Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.7 views

PT-2024-29363

Name of the Vulnerable Software and Affected Versions OpenFlights commit 5234b5b Description The issue is a Cross-Site Scripting XSS vulnerability found in the php/trip.php file. This allows for malicious scripts to be injected into the website, potentially leading to unauthorized access or...

6.1CVSS5.8AI score0.00263EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/08/27 12:0 a.m.7 views

PT-2024-11620 · Teldats · Teldats Router

Name of the Vulnerable Software and Affected Versions: Teldats Router versions RS123, RS123w Description: The issue allows an attacker to execute arbitrary code via the cmdcookie parameter to the "upgrade/query.php" page. This enables the attacker to perform Cross Site Scripting attacks...

4.8CVSS7AI score0.00328EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.6 views

PT-2024-31254 · Unknown · Picuploader

Name of the Vulnerable Software and Affected Versions: PicUploader version fcf82ea Description: A cross-site scripting XSS issue exists in the /auth/AzureRedirect.php component, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error description...

8CVSS6.1AI score0.00376EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.6 views

PT-2024-31255 · Gazelle · Gazelle

Name of the Vulnerable Software and Affected Versions: Gazelle version 63b3370 Description: A cross-site scripting XSS issue in the /managers/enable requests.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the view parameter...

6.1CVSS6AI score0.00311EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.4 views

PT-2024-30047 · Unknown · Warehouse Inventory System

Name of the Vulnerable Software and Affected Versions: Warehouse Inventory System version v2.0 Description: A Cross-Site Request Forgery CSRF issue in the delete media.php component allows attackers to escalate privileges. Recommendations: For Warehouse Inventory System version v2.0, consider...

8.8CVSS7.7AI score0.0029EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.5 views

PT-2024-38699 · Unknown · Itsourcecode Project Expense Monitoring System

Name of the Vulnerable Software and Affected Versions: itsourcecode Project Expense Monitoring System version 1.0 Description: A critical issue has been identified, affecting an unknown functionality of the file execute.php. The manipulation of the code argument leads to sql injection. This issue...

9.8CVSS7.6AI score0.00484EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.8 views

PT-2024-38624 · Sourcecodester · Sourcecodester Online Graduate Tracer System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Graduate Tracer System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /tracking/admin/fetch it.php. The manipulation of the request argument leads to s...

7.5CVSS7AI score0.00511EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.6 views

PT-2024-30104 · Unknown · Super Easy Enterprise Management System

Name of the Vulnerable Software and Affected Versions: Super easy enterprise management system versions 1.0.0 and before Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the "/ajax/Login.ashx" component. This enables the attacker to potentially gain...

7.8CVSS7.5AI score0.00308EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/08/11 12:0 a.m.4 views

PT-2024-38506 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A problematic issue was found in the file add act.php, where the manipulation of the aname argument leads to cross-site scripting. The attack can be launche...

5.4CVSS6.7AI score0.00383EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/08/08 12:0 a.m.4 views

PT-2024-28860 · Sourcecodester · Sourcecodester Best House Rental Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "manage houses.php" file. It allows remote attackers to execute arbitrary code via the House no and Descripti...

5.4CVSS6.8AI score0.00604EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.6 views

PT-2024-37779

Name of the Vulnerable Software and Affected Versions itsourcecode Gym Management System version 1.0 Description A critical issue has been found in the itsourcecode Gym Management System, affecting the file manage member.php. The manipulation of the id argument leads to SQL injection. This issue...

8.8CVSS6.4AI score0.00619EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.5 views

PT-2024-27075 · Unknown · Getsetprop

Name of the Vulnerable Software and Affected Versions: getsetprop version 1.1.0 Description: A Prototype Pollution issue allows an attacker to execute arbitrary code via global.accessor. Recommendations: For getsetprop version 1.1.0, consider disabling access to the global.accessor until a patch ...

9.8CVSS8.2AI score0.00622EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/07 12:0 a.m.7 views

PT-2024-13697 · Precor · Precor Touchscreen Console P82

Name of the Vulnerable Software and Affected Versions: Precor touchscreen console P82 Description: The issue concerns a private SSH key in the Precor touchscreen console P82 that corresponds to a default public key. This could allow a remote attacker to gain root privileges. Recommendations: For...

8.8CVSS7.3AI score0.00317EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.16 views

PT-2024-27159 · Unknown · Sourcecodester Stock Management System

Name of the Vulnerable Software and Affected Versions: Sourcecodester Stock Management System version 1.0 Description: The issue is related to SQL Injection, which can be exploited via the editCategories.php file. This allows for potential unauthorized access to database information...

9.8CVSS8AI score0.00567EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.3 views

PT-2024-36833

Name of the Vulnerable Software and Affected Versions Chanjet Smooth T+ system version 3.5 Description A critical issue has been found in the system, affecting the processing of the file /tplus/UFAQD/keyEdit.aspx. The manipulation of the KeyID argument leads to SQL injection. The attack can be...

9.8CVSS7.1AI score0.00506EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.7 views

PT-2024-27174 · Crmeb · Crmeb

Name of the Vulnerable Software and Affected Versions: CRMEB version 5.2.2 Description: The issue allows a remote attacker to obtain sensitive information. This is achieved via the getProductList function in the ProductController.php file. Recommendations: For CRMEB version 5.2.2, consider...

7.5CVSS7.1AI score0.08306EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.4 views

PT-2024-36488 · Unknown · Itsourcecode Online Blood Bank Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Blood Bank Management System version 1.0 Description: A critical issue affects some unknown functionality of the file changepwd.php. The manipulation of the useremail argument leads to sql injection. The attack may be...

9.8CVSS7.6AI score0.00851EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.10 views

PT-2024-36018 · Winnmp · Winnmp

Name of the Vulnerable Software and Affected Versions: WinNMP version 19.02 Description: A vulnerability has been discovered that allows for an XSS attack via the /tools/redis.php page, specifically in the k, hash, key, and p parameters. This could enable a remote user to submit a specially craft...

6.3CVSS6AI score0.00301EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/26 12:0 a.m.6 views

PT-2024-35848 · Unknown · Kashipara College Management System

Name of the Vulnerable Software and Affected Versions: Kashipara College Management System version 1.0 Description: A problematic issue was found in the system, affecting an unknown function of the file submit new faculty.php. The manipulation of the address argument leads to cross site scripting...

6.1CVSS6.4AI score0.00401EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.8 views

PT-2024-34605 · Unknown · Phpgurukul Directory Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Directory Management System version 1.0 Description: A problematic issue has been found in the PHPGurukul Directory Management System, affecting an unknown function of the file /admin/search-directory.php. This issue leads to...

5.1CVSS4AI score0.00473EPSS
Exploits1References7
Rows per page
Query Builder