946 matches found
CVE-2025-0403
A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0. Affected by this issue is some unknown functionality of the file /user/sendMsg of the component Phone Number Validation Handler. The manipulation of the argument code leads to information disclosure. Th...
CVE-2024-12656 FabulaTech USB over Network IOCT ftusbbus2.sys 0x220448 null pointer dereference
A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The...
CVE-2024-12185
A vulnerability has been found in code-projects Hotel Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Administrator Login Password Handler. The manipulation of the argument Str2 leads to stack-based buffer overflow. An attack has to be...
CVE-2024-12185
CVE-2024-12185 affects Code-Projects Hotel Management System 1.0 in the Administrator Login Password Handler. The vulnerability is a stack-based buffer overflow triggered by manipulating the Str2 argument, with a local attack required. Public exploit information has been disclosed. Related adviso...
CVE-2024-12181
CVE-2024-12181 affects DedeCMS 5.7.116; the vulnerability is in the SWF File Handler component via the /member/uploads_add.php endpoint, where manipulating the mediatype argument enables cross-site scripting. The issue is exploitable remotely and affects an unknown functionality of that file. Mul...
CVE-2024-12001 code-projects Wazifa System Setting updatesettings.php cross site scripting
A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to...
CVE-2024-11996
CVE-2024-11996 affects code-projects Farmacia 1.0. The vulnerability resides in /editar-fornecedor.php, where manipulating the cidade parameter leads to cross-site scripting. It can be exploited remotely, and public exploits have been disclosed. Other parameters may also be affected. Affected com...
CVE-2024-11962
A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has be...
CVE-2024-11961
CVE-2024-11961 affects Guangzhou Huayi Intelligent Technology Jeewms 3.7, specifically the preHandle function in src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The issue is argument manipulation leading to information disclosure, with remote exploit potential and public disclos...
CVE-2024-11860
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...
CVE-2024-11860 SourceCodester Best House Rental Management System POST Request ajax.php improper authorization
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...
CVE-2024-11819
A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. This vulnerability affects unknown code of the file /forgotpasswordprocess.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploi...
CVE-2024-11745 Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function routestaticcheck of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploi...
CVE-2024-11744 1000 Projects Portfolio Management System MCA register.php sql injection
A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely...
CVE-2024-11742
A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=savetenant. The manipulation of the argument lastname/firstname/middlename leads to cross...
CVE-2024-11674
CodeAstro Hospital Management System 1.0 is affected by CVE-2024-11674 due to an unrestricted file upload in the /backend/doc/his_doc_update-account.php function when manipulating the doc_dpic parameter. The vulnerability can be triggered remotely, and public exploitation details have been disclo...
CVE-2024-11492 115cms appurladd.html cross site scripting
A vulnerability classified as problematic has been found in 115cms up to 20240807. This affects an unknown part of the file /index.php/admin/web/appurladd.html. The manipulation of the argument tid leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-11486
A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/userpermission.php of the component User Permission Handler. The manipulation leads to permission issues. It is possible to...
CVE-2024-11487
A vulnerability has been found in Code4Berry Decoration Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /decoration/admin/btndatesreport.php of the component Between Dates Reports. The manipulation of the argument fromdate/todate leads to sql...
CVE-2024-11486 Code4Berry Decoration Management System User Permission user_permission.php
A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/userpermission.php of the component User Permission Handler. The manipulation leads to permission issues. It is possible to...