Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/03/28 11:10 p.m.3 views

CVE-2026-4970

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2026/03/27 6:24 p.m.14 views

CVE-2026-4970

CVE-2026-4970 affects code-projects Social Networking Site 1.0. The vulnerability is SQL injection in the file delete_photos.php (Endpoint component) triggered by manipulating the ID argument. It can be exploited remotely and the exploit is publicly available. The connected CVE records do not pro...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/27 6:24 p.m.2 views

CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/27 6:24 p.m.32 views

CVE-2026-4970 code-projects Social Networking Site Endpoint delete_photos.php sql injection

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

6.5CVSS0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/27 6:24 p.m.3 views

CVE-2026-4970

A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...

6.5CVSS5.8AI score0.00192EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/09/27 9:15 p.m.4 views

CVE-2025-11078

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible to be carried out...

8.8CVSS5.5AI score0.00302EPSS
Exploits1References5
CNVD
CNVD
added 2018/11/20 12:0 a.m.4 views

School Event Management System Arbitrary File Upload Vulnerability

School Event Management System is a school event management system. An arbitrary file upload vulnerability exists in School Event Management System version 1.0, which can be exploited to upload arbitrary files with the help of event/controller.php?action=photos URL...

9.8CVSS9.5AI score0.09504EPSS
Exploits5References1
Rows per page
Query Builder