5655 matches found

CVE
added 2025/05/01 9:31 a.m. · 58 views

CVE-2025-4159

CVE-2025-4159 affects PCMan FTP Server up to 2.0.7. The GLOB Command Handler allows a remote buffer overflow leading to arbitrary code execution or DoS. Exploitation information is publicly disclosed. Some sources (PT-2025-18377) recommend disabling the GLOB Command Handler until a fix is availab...

CVSS 9.8 · AI score 7.5 · EPSS 0.00596
Exploits 1 · References 4 · Affected Software 1

NVD
added 2025/05/01 9:15 a.m. · 18 views

CVE-2025-4157

A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/booking-details.php. The manipulation of the argument Status leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 8.8 · EPSS 0.00342
Exploits 1 · References 5

Positive Technologies
added 2025/05/01 12:0 a.m. · 5 views

PT-2025-18366 · Unknown · Phpgurukul Online Birth Certificate System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Birth Certificate System version 1.0
Description: A critical vulnerability has been found in the PHPGurukul Online Birth Certificate System. The issue is related to an unknown function of the file...

CVSS 9.8 · AI score 7.4 · EPSS 0.00266
Exploits 1 · References 12

NVD
added 2025/04/30 11:16 p.m. · 27 views

CVE-2025-4142

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but di...

CVSS 9.8 · EPSS 0.00968
Exploits 1 · References 5

Vulnrichment
added 2025/04/30 6:46 p.m. · 6 views

CVE-2025-2170

A Server-side request forgery SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location...

AI score 7.3 · EPSS 0.00295
Exploits 0 · References 1

Positive Technologies
added 2025/04/29 12:0 a.m. · 5 views

PT-2025-18169 · Unknown · Scriptandtools Online-Travling-System

Name of the Vulnerable Software and Affected Versions: ScriptAndTools Online-Travling-System version 1.0
Description: A critical vulnerability has been found in the software, affecting an unknown function of the file /admin/viewpackage.php. This leads to improper access controls, allowing for...

CVSS 6.9 · AI score 5.1 · EPSS 0.00438
Exploits 0 · References 8

NVD
added 2025/04/28 1:15 p.m. · 20 views

CVE-2025-4020

A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely. The exploit has...

CVSS 9.8 · EPSS 0.00456
Exploits 1 · References 5

NVD
added 2025/04/28 12:15 p.m. · 13 views

CVE-2025-4019

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing...

CVSS 9.8 · EPSS 0.00602
Exploits 0 · References 4

CVE
added 2025/04/28 12:0 p.m. · 55 views

CVE-2025-4019

The CVE-2025-4019 entry concerns Novel-Plus (versions from 20120630 up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160). The flaw is in the GeneratorController.java, specifically the genCode function, where manipulation leads to missing authentication. This enables a remote attacker to exploit the vu...

CVSS 9.8 · AI score 7.2 · EPSS 0.00602
Exploits 0 · References 4 · Affected Software 1

Vulnrichment
added 2025/04/27 6:0 a.m. · 9 views

CVE-2025-3960 withstars Books-Management-System Background Interface allreaders.html authorization

A vulnerability was found in withstars Books-Management-System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /allreaders.html of the component Background Interface. The manipulation leads to missing authorization. The attack may be launched...

CVSS 7.5 · AI score 7.2 · EPSS 0.00542
Exploits 1 · References 4

Positive Technologies
added 2025/04/27 12:0 a.m. · 4 views

PT-2025-17982 · Withstars · Books-Management-System

Name of the Vulnerable Software and Affected Versions: withstars Books-Management-System version 1.0
Description: A vulnerability was found in the withstars Books-Management-System. It has been classified as problematic and affects an unknown function of the file /book edit do.html of the compone...

CVSS 5.1 · AI score 3.5 · EPSS 0.00338
Exploits 1 · References 11

Positive Technologies
added 2025/04/27 12:0 a.m. · 5 views

PT-2025-17989 · Unknown · Withstars Books-Management-System

Name of the Vulnerable Software and Affected Versions: withstars Books-Management-System version 1.0
Description: A critical issue has been found in the Background Interface of the withstars Books-Management-System, affecting the file /admin/article/list. This issue leads to missing authorization...

CVSS 9.8 · AI score 7.1 · EPSS 0.00542
Exploits 1 · References 15

RedhatCVE
added 2025/04/26 1:8 a.m. · 14 views

CVE-2025-3726

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the publi...

CVSS 9.8 · AI score 7.2 · EPSS 0.0062
Exploits 1 · References 1

NVD
added 2025/04/22 1:15 a.m. · 7 views

CVE-2025-3850

A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The attack may be initiated remotely. The complexity of an attack is...

CVSS 6.3 · EPSS 0.00522
Exploits 1 · References 5

Cvelist
added 2025/04/19 10:31 a.m. · 35 views

CVE-2025-3799 WCMS AnonymousController.php sql injection

A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousController.php. The manipulation of the argument email/username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 7.5 · EPSS 0.00428
Exploits 1 · References 4

RedhatCVE
added 2025/04/16 3:35 p.m. · 5 views

CVE-2025-3569

A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ShiroConfig.java. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

CVSS 6.5 · AI score 6.8 · EPSS 0.00352
Exploits 1 · References 1

RedhatCVE
added 2025/04/16 2:54 p.m. · 7 views

CVE-2025-3567

A vulnerability, which was classified as problematic, was found in veal98 小牛肉 Echo 开源社区系统 4.2. Affected is the function preHandle of the file src/main/java/com/greate/community/controller/interceptor/LoginTicketInterceptor.java of the component Ticket Handler. The manipulation leads to improper...

CVSS 5.3 · AI score 7 · EPSS 0.00279
Exploits 0 · References 1

NVD
added 2025/04/16 2:15 p.m. · 34 views

CVE-2025-3692

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=saveproduct. The manipulation leads to cross site scripting. The attack can be launched...

CVSS 5.4 · EPSS 0.00293
Exploits 1 · References 5

Cvelist
added 2025/04/16 10:31 a.m. · 29 views

CVE-2025-3682 PCMan FTP Server PASV Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component PASV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVSS 7.5 · EPSS 0.0062
Exploits 1 · References 4

NVD
added 2025/04/16 7:15 a.m. · 28 views

CVE-2025-3675

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822B20200513. It has been rated as critical. Affected by this issue is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been...

CVSS 6.9 · EPSS 0.00481
Exploits 1 · References 5