Lucene search
K

309 matches found

Positive Technologies
Positive Technologies
added 2026/01/19 12:0 a.m.10 views

PT-2026-3487

Name of the Vulnerable Software and Affected Versions birkir prime versions prior to 0.4.0.beta.0 Description A flaw exists in birkir prime up to version 0.4.0.beta.0. The issue resides within an unknown function of the /graphql file within the GraphQL Directive Handler component. Successful...

6.9CVSS5.6AI score0.00494EPSS
Exploits1References7
NVD
NVD
added 2026/01/09 11:15 p.m.14 views

CVE-2025-15501

A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath causes os command injection. Remote exploitation of the attack...

10CVSS0.06369EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.7 views

CVE-2023-4986

A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort. Local access is required to approach this...

2.5CVSS6AI score0.00189EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/30 6:8 p.m.11 views

CVE-2025-15199

A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit h...

8.8CVSS6.5AI score0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/29 5:32 a.m.5 views

EUVD-2025-205553

A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this vulnerability is the function doAppAuditList of the file src/main/java/com/sohu/cache/web/controller/AppManageController.java. Such manipulation leads to cross site scripting. The attack may be performed...

5.1CVSS3.6AI score0.002EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.6 views

PT-2025-53684

Name of the Vulnerable Software and Affected Versions itsourcecode Online Cake Ordering System version 1.0 Description A SQL injection issue exists in itsourcecode Online Cake Ordering System 1.0. The manipulation of the ID argument in the /detailtransac.php file can lead to SQL injection. This...

9.8CVSS7.5AI score0.00326EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.12 views

PT-2025-53713

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A flaw exists in Refugee Food Management System version 1.0 that allows for remote SQL injection. The issue is located in the file /home/addusers.php. Manipulation of the a argument can le...

9.8CVSS7AI score0.00326EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.6 views

PT-2025-53642

Name of the Vulnerable Software and Affected Versions FantasticLBP Hotels Server affected versions not specified Description A security issue exists in FantasticLBP Hotels Server related to the /controller/api/Room.php file. Manipulation of the hotelId argument can lead to SQL injection. This...

9.8CVSS6.7AI score0.00407EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2025/12/27 12:0 a.m.19 views

PT-2025-53626

Name of the Vulnerable Software and Affected Versions jackq XCMS versions prior to 3fab5342cc509945a7ce1b8ec39d19f701b89261 Description A flaw exists in jackq XCMS that allows for unrestricted file upload. The issue is located in the Upload function within the...

5.8CVSS6.8AI score0.00344EPSS
Exploits1References10
OSV
OSV
added 2025/12/26 2:2 a.m.5 views

CVE-2025-15095 postmanlabs httpbin core.py cross site scripting

A security vulnerability has been detected in postmanlabs httpbin up to 0.6.1. This affects an unknown function of the file httpbin-master/httpbin/core.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used...

5.1CVSS4.1AI score0.00253EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/20 4:4 p.m.9 views

CVE-2025-14954

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

6.3CVSS4.5AI score0.00501EPSS
Exploits1References1
OSV
OSV
added 2025/12/19 6:15 p.m.4 views

CVE-2025-14960

A security vulnerability has been detected in code-projects Simple Blood Donor Management System 1.0. Impacted is an unknown function of the file /editeddonor.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...

9.8CVSS5.7AI score0.00323EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/18 1:32 a.m.6 views

EUVD-2025-204020

A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...

6.5CVSS6.5AI score0.00379EPSS
Exploits1References5
OSV
OSV
added 2025/12/16 3:15 a.m.6 views

CVE-2025-14748

A vulnerability was determined in Ningyuanda TC155 57.0.2.0. This affects an unknown function of the file /onvif/deviceservice of the component ONVIF Device Management Service. Executing manipulation of the argument FactoryDefault with the input Hard can lead to improper access controls. The atta...

5.4CVSS5.5AI score0.00569EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/12/15 4:38 p.m.9 views

CVE-2025-14648

A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalogadd.php. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly...

7.2CVSS6.8AI score0.06619EPSS
Exploits1References1
OSV
OSV
added 2025/12/14 10:15 a.m.5 views

CVE-2025-14653

A vulnerability was determined in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /addrecord.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be...

9.8CVSS5.7AI score0.00339EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/13 6:30 p.m.8 views

EUVD-2025-203263

A security vulnerability has been detected in tiny-rdm Tiny RDM up to 1.2.5. Affected by this vulnerability is the function pickle.loads of the file pickleconvert.go of the component Pickle Decoding. The manipulation leads to deserialization. The attack can be initiated remotely. A high degree of...

5CVSS6AI score0.00223EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/11 2:2 p.m.7 views

EUVD-2025-202688

A vulnerability was determined in Yalantis uCrop 2.2.11. This affects the function UCropActivity of the file AndroidManifest.xml. Executing manipulation can lead to improper export of android application components. The attack can only be executed locally. The exploit has been publicly disclosed...

5.3CVSS6.1AI score0.00209EPSS
Exploits1References6
EUVD
EUVD
added 2025/12/08 9:30 a.m.7 views

EUVD-2025-201680

A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public an...

5.3CVSS5.8AI score0.00673EPSS
Exploits1References6
NVD
NVD
added 2025/12/07 11:15 p.m.6 views

CVE-2025-14204

A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of the argument authorizationUrl leads to os command...

6.5CVSS0.012EPSS
Exploits0References4
Rows per page
Query Builder