Lucene search

8 matches found

RedhatCVE
added 2025/12/13 5:2 p.m., 5 views

CVE-2025-14567

A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function of the file /api/employees. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has...

CVSS 7.5, AI score 5.4, EPSS 0.00684
Exploits: 1, References: 1
RedhatCVE
added 2025/11/18 3:5 a.m., 20 views

CVE-2025-10460

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

CVSS 9.4, AI score 8.2, EPSS 0.00246
Exploits: 0, References: 1
Vulnrichment
added 2025/11/17 2:48 a.m., 5 views

CVE-2025-10460 Unsanitized parameter input leading to SQL Injection vulnerability

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

CVSS 9.4, AI score 7.7, EPSS 0.00246
Exploits: 0, References: 2
Cvelist
added 2025/11/17 2:48 a.m., 8 views

CVE-2025-10460 Unsanitized parameter input leading to SQL Injection vulnerability

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

CVSS 9.4, EPSS 0.00246
Exploits: 0, References: 2
EUVD
added 2025/11/17 2:48 a.m., 4 views

EUVD-2025-197751

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

CVSS 9.4, AI score 7.6, EPSS 0.00246
Exploits: 0, References: 3
Positive Technologies
added 2025/11/17 12:0 a.m., 4 views

PT-2025-47106

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnerability occurs due to improper input...

CVSS 9.4, AI score 8.2, EPSS 0.00246
Exploits: 0, References: 3
ICS
added 2024/01/23 7:0 a.m., 36 views

Lantronix XPort

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: XPort Vulnerability: Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain credentials. 3. TECHNICAL DETAILS 3.1...

CVSS 7.5, AI score 6.7, EPSS 0.00305
Exploits: 0, References: 10
Japan Vulnerability Notes
added 2022/06/14 4:46 a.m., 2 views

Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting

Overview: Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc., with firmware versions prior to 12.250SY, improperly process user input and generate error pages, leading to a cross-site scripting vulnerability (CWE-79). The vulnerability has been addressed on 12.250SY released in...

CVSS 6.1, AI score 6.1, EPSS 0.00572
Exploits: 0, References: 5