Lucene search
+L

310 matches found

NVD
NVD
added 2025/12/07 11:15 p.m.6 views

CVE-2025-14204

A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of the argument authorizationUrl leads to os command...

6.5CVSS0.012EPSS
Exploits0References4
OSV
OSV
added 2025/12/04 5:32 p.m.6 views

CVE-2025-14012 JIZHICMS Batch Delete Comments deleteAll.html delete sql injection

A vulnerability was determined in JIZHICMS up to 2.5.5. The affected element is the function deleteAll/findAll/delete of the file /index.php/admins/Comment/deleteAll.html of the component Batch Delete Comments. Executing a manipulation can lead to sql injection. The attack can be launched remotel...

5.1CVSS5.7AI score0.00334EPSS
Exploits1References6
NVD
NVD
added 2025/11/24 3:16 a.m.8 views

CVE-2025-13580

A vulnerability was determined in code-projects Library System 1.0. Affected is an unknown function of the file /mail.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

8.8CVSS0.00273EPSS
Exploits1References5
OSV
OSV
added 2025/11/23 1:15 p.m.4 views

CVE-2025-13550

A vulnerability was determined in D-Link DIR-822K and DWR-M920 1.0020250513164613/1.1.50. Impacted is an unknown function of the file /boafrm/formVpnConfigSetup. Executing manipulation of the argument submit-url can lead to buffer overflow. The attack can be executed remotely. The exploit has bee...

8.7CVSS6.4AI score0.00692EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/11/18 10:49 a.m.8 views

CVE-2025-13275

A security vulnerability has been detected in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This affects an unknown part of the file /admin/about.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has be...

5.8CVSS4.8AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/17 1:14 p.m.7 views

CVE-2025-13179

A vulnerability has been found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. This issue affects some unknown processing. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclose...

6.5CVSS4.4AI score0.00217EPSS
Exploits1References1
NVD
NVD
added 2025/11/17 11:15 a.m.9 views

CVE-2025-13275

A security vulnerability has been detected in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This affects an unknown part of the file /admin/about.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has be...

5.8CVSS0.00276EPSS
Exploits0References4
CVE
CVE
added 2025/11/17 1:32 a.m.20 views

CVE-2025-13257

CVE-2025-13257 affects itsourcecode Inventory Management System 1.0, with the vulnerable element in /admin/user/index.php?view=edit. The issue is an SQL injection caused by manipulation of the ID parameter, exploitable remotely. Public exploits have been disclosed. Documented impact indicates hig...

9.8CVSS6.7AI score0.00379EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/11/16 12:30 p.m.8 views

EUVD-2025-197726

A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation of the argument FileData leads to unrestricted upload. The attack can be launch...

6.5CVSS6.3AI score0.00234EPSS
Exploits0References5
OSV
OSV
added 2025/11/16 4:15 a.m.5 views

CVE-2025-13235

A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument useremail can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly...

9.8CVSS5.8AI score0.00379EPSS
Exploits1References5
OSV
OSV
added 2025/11/02 11:15 a.m.6 views

CVE-2025-12596

A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS6.3AI score0.01141EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/10/28 1:49 p.m.11 views

CVE-2025-12281

A vulnerability was determined in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/clientview.php. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be...

5.4CVSS5.6AI score0.00225EPSS
Exploits1References1
NVD
NVD
added 2025/10/27 7:15 a.m.9 views

CVE-2025-12236

A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and ma...

9CVSS0.03176EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.11 views

PT-2025-44022

Name of the Vulnerable Software and Affected Versions VirtFusion versions through 6.0.2 Description A security issue exists in VirtFusion that relates to improper restriction of excessive authentication attempts. The issue is located within the Email Change Handler component, specifically affecti...

6.9CVSS5.4AI score0.00427EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/13 5:29 a.m.5 views

CVE-2025-11604

A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

9.8CVSS7AI score0.00387EPSS
Exploits1References1
NVD
NVD
added 2025/10/08 7:15 a.m.8 views

CVE-2025-11440

A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called...

5.3CVSS0.00325EPSS
Exploits1References5
OSV
OSV
added 2025/10/07 10:15 a.m.3 views

CVE-2025-11385

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publi...

8.7CVSS6.2AI score0.00739EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/06 12:0 a.m.6 views

PT-2025-40873

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.196318 Description A stack-based buffer overflow exists in the Tenda AC18 device. The issue is located in the /goform/SetUpnpCfg file and involves the manipulation of the upnpEn argument. This allows for remote...

9CVSS8.9AI score0.01147EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-24007

Malicious code in bioql PyPI...

4.8CVSS4.1AI score0.00019EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-28384

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00378EPSS
Exploits0References5
Rows per page
Query Builder