164 matches found
CVE-2026-32972 OpenClaw < 2026.3.11 - Authorization Bypass in Browser Profile Management via browser.request
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated operators with only operator.write permission to access admin-only browser profile management routes through browser.request. Attackers can create or modify browser profiles and persist...
Incorrect Authorization
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the browser.request. An attacker can modify or create browser profiles and persist unauthorized configuration changes by sending crafted requests to profile...
CVE-2021-22928
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM...
CVE-2025-14285
A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpersonnel.php. The manipulation of the argument perid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be use...
Employee Profile Management System Code Issue Vulnerability
Employee Profile Management System is an employee profile management system. Employee Profile Management System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter perfile in the file /profiling/addfilequery.php. No details of the...
CVE-2025-14222
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2025-14285
A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpersonnel.php. The manipulation of the argument perid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be use...
CVE-2025-14285
A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpersonnel.php. The manipulation of the argument perid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be use...
CVE-2025-14285 code-projects Employee Profile Management System edit_personnel.php sql injection
A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpersonnel.php. The manipulation of the argument perid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be use...
CVE-2025-14285
Code-projects Employee Profile Management System 1.0 is affected by a SQL injection in edit_personnel.php via the per_id parameter. The flaw enables remote exploitation and has publicly available exploits; multiple sources corroborate the issue. There is no product-specific patch details in the p...
EUVD-2025-201842
A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpersonnel.php. The manipulation of the argument perid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be use...
Code-Projects Employee Profile Management System 安全漏洞
Employee Profile Management System is an employee profile management system. The Employee Profile Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter perid in the file editpersonnel.php. An...
PT-2025-49687
Name of the Vulnerable Software and Affected Versions code-projects Employee Profile Management System version 1.0 Description A flaw exists in the Employee Profile Management System that allows for remote code execution. The issue is located in the edit personnel.php file, specifically within an...
CVE-2025-14194
A vulnerability was identified in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file /viewpersonnel.php. The manipulation of the argument peraddress/drschool/otherschool leads to cross site scripting. The attack may be initiated remotely...
CVE-2025-14222
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2025-14222
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2025-14222 code-projects Employee Profile Management System print_personnel_report.php sql injection
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2025-14222 code-projects Employee Profile Management System print_personnel_report.php sql injection
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /printpersonnelreport.php. This manipulation of the argument perid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
Code-Projects Employee Profile Management System 安全漏洞
Employee Profile Management System is an employee profile management system. An SQL injection vulnerability exists in Employee Profile Management System, which stems from the lack of validation of externally entered SQL statements in the parameter perid in the file /printpersonnelreport.php. An...
PT-2025-49512
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print personnel report.php. This manipulation of the argument per id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be us...