12962 matches found
CVE-2025-15199
A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit h...
CVE-2025-15199
A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit h...
CVE-2025-15198
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...
CVE-2025-15198
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...
CVE-2025-15199 code-projects College Notes Uploading System userprofile.php unrestricted upload
A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit h...
CVE-2025-15199
CVE-2025-15199 affects code-projects College Notes Uploading System 1.0. The vulnerability exists in an unknown function handling the image parameter in /dashboard/userprofile.php, enabling unrestricted file upload. Remote exploitation is possible; exploits have been publicly disclosed and may be...
CVE-2025-15198
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...
EUVD-2025-205626
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available to...
CVE-2025-15198 code-projects College Notes Uploading System login.php sql injection
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...
CVE-2025-15198 code-projects College Notes Uploading System login.php sql injection
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...
CVE-2025-15198
CVE-2025-15198 affects College Notes Uploading System 1.0. The vulnerability is a SQL injection in the /login.php handling of the User parameter, exploitable remotely. Multiple connected sources confirm that mishandling of User leads to database access/tampering with no authentication required. E...
CVE-2025-68927
Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/id/notes, the backend automatically wraps user input in tags. However, by intercepting the...
Code-Projects College Notes Uploading System 代码问题漏洞
College Notes Uploading System is a college notes uploading system. College Notes Uploading System has a code issue vulnerability that stems from an unknown function in the /dashboard/userprofile.php file that mishandles the image parameter. An attacker can exploit this vulnerability to upload...
PT-2025-53773
Name of the Vulnerable Software and Affected Versions code-projects College Notes Uploading System version 1.0 Description A security issue exists in code-projects College Notes Uploading System 1.0. The manipulation of the image argument in an unknown function within the /dashboard/userprofile.p...
Fedora: Security Advisory (FEDORA-2025-16548b7718)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code-Projects College Notes Uploading System SQL注入漏洞
College Notes Uploading System is a college notes uploading system. College Notes Uploading System suffers from a SQL injection vulnerability that originates from the mishandling of the User parameter operation by an unknown handler function in the /login.php file. An attacker can use this...
CVE-2025-68927
Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/id/notes, the backend automatically wraps user input in tags. However, by intercepting the...
CVE-2025-68927 Improper Neutralization of HTML Tags in a Web Page in libredesk
Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/id/notes, the backend automatically wraps user input in tags. However, by intercepting the...
CVE-2025-68927 Improper Neutralization of HTML Tags in a Web Page in libredesk
Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/id/notes, the backend automatically wraps user input in tags. However, by intercepting the...
CVE-2025-68927
Libredesk prior to version 0.8.6-beta is vulnerable to stored HTML injection in the contact notes feature. Notes added via POST /api/v1/contacts/{id}/notes are wrapped in tags; removing the wrapper in transit allows attackers to inject arbitrary HTML (e.g., forms, images) that is stored and rend...