CVE-2025-5176

CVE-2025-5176 affects Realce Tecnologia Queue Ticket Kiosk (up to 20250517). The vulnerability is an SQL injection in the Admin Login Page, targeting the file /adm/index.php via the argument Usuário. Impact: high confidentiality/integrity risk per CVSS details; vector is network with low attack c...

CVE-2025-5176 Realce Tecnologia Queue Ticket Kiosk Admin Login Page index.php sql injection

A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been declared as critical. This vulnerability affects unknown code of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuário leads to sql injection. The attack can...

CVE-2025-5176 Realce Tecnologia Queue Ticket Kiosk Admin Login Page index.php sql injection

A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been declared as critical. This vulnerability affects unknown code of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuário leads to sql injection. The attack can...

Realce Tecnologia Queue Ticket Kiosk 注入漏洞

Realce Tecnologia Queue Ticket Kiosk is a queue management software from Realce Tecnologia. An injection vulnerability exists in Realce Tecnologia Queue Ticket Kiosk 20250517 and earlier versions, which stems from a parameter Usuário operation that results in SQL injection...

A Framework for Combined Transaction Posting and Pricing for Layer 2 Blockchains

This paper presents a comprehensive framework for transaction posting and pricing in Layer 2 L2 blockchain systems, focusing on challenges stemming from fluctuating Layer 1 L1 gas fees and the congestion issues within L2 networks. Existing methods have focused on the problem of optimal posting...

Realce Tecnologia Queue Ticket Kiosk 代码注入漏洞

Realce Tecnologia Queue Ticket Kiosk is a queue management software from Realce Tecnologia. A code injection vulnerability exists in Realce Tecnologia Queue Ticket Kiosk 20250517 and prior versions, which stems from a parameter Name/Usuário operation leading to cross-site scripting...

Realce Tecnologia Queue Ticket Kiosk 代码问题漏洞

Realce Tecnologia Queue Ticket Kiosk is a queue management software from Realce Tecnologia. A code issue vulnerability exists in Realce Tecnologia Queue Ticket Kiosk 20250517 and prior versions, which stems from an unrestricted upload due to the parameter files operation...

PT-2025-22918 · Realce Tecnologia · Queue Ticket Kiosk

Name of the Vulnerable Software and Affected Versions: Realce Tecnologia Queue Ticket Kiosk versions up to 20250517 Description: A critical vulnerability affects the unknown code of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuário leads to SQL...

Realce Tecnologia Queue Ticket Kiosk 代码注入漏洞

Realce Tecnologia Queue Ticket Kiosk is a queue management software from Realce Tecnologia. A code injection vulnerability exists in Realce Tecnologia Queue Ticket Kiosk 20250517 and prior versions, which stems from a parameter Usuário operation leading to cross-site scripting...

PT-2025-22921 · Realce Tecnologia · Realce Tecnologia Queue Ticket Kiosk

Name of the Vulnerable Software and Affected Versions: Realce Tecnologia Queue Ticket Kiosk up to 20250517 Description: A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk, affecting an unknown functionality of the file /adm/index.php of the component Cadastro de Administrador Page...

PT-2025-22919 · Realce Tecnologia · Queue Ticket Kiosk

Name of the Vulnerable Software and Affected Versions: Realce Tecnologia Queue Ticket Kiosk up to 20250517 Description: A vulnerability was found in the Admin Login Page component, specifically affecting the /adm/index.php file. The manipulation of the Usuário argument leads to cross-site...

PT-2025-22920 · Realce Tecnologia · Realce Tecnologia Queue Ticket Kiosk

Name of the Vulnerable Software and Affected Versions: Realce Tecnologia Queue Ticket Kiosk up to 20250517 Description: A critical vulnerability has been found in the Image File Handler component of the affected software, specifically in an unknown function of the file /adm/ajax.php. The...

CVE-2025-48738

An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage...

CVE-2024-0390

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same MQTT queue is used by corresponding physical recuperation devices. Exploiting this vulnerability could potentially allow unauthorized access to manage and read parameters of the recuperation unit...

CVE-2024-29897

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users with delete or suppressrevision on any wiki in the farm to access suppressed wiki requests by going to the request's entry on Special:RequestWikiQueue on the wiki where they have these rights. T...

CVE-2024-3317

An improper access control was identified in the Identity Security Cloud ISC message server API that allowed an authenticated user to exfiltrate job processing metadata opaque messageIDs, work queue depth and counts for other tenants...

CVE-2024-54003

Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission...

CVE-2023-22874

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216...

CVE-2023-41943

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

CVE-2023-38498

Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, a malicious user can prevent the defer queue from proceeding promptly on sites hosted in the same multisite installation. The issue is patche...