Lucene search
K

262 matches found

Positive Technologies
Positive Technologies
added 2026/01/11 12:0 a.m.10 views

PT-2026-1782

Name of the Vulnerable Software and Affected Versions Luxul XWR-600 versions prior to 4.0.2 Description A cross-site scripting issue exists in the Web Administration Interface component of Luxul XWR-600. The issue is triggered by manipulating the SSID argument within the Guest Network/Wireless...

4.8CVSS3.6AI score0.00206EPSS
Exploits0References9
CVE
CVE
added 2026/01/08 8:32 p.m.22 views

CVE-2026-0728

The CVE-2026-0728 entry describes a SQL injection in code-projects Intern Membership Management System 1.0, via the admin_id parameter in /intern/admin/delete_admin.php. The issue is remotely exploitable and exploits have been publicly disclosed. No remediation/fix details are provided in the con...

7.2CVSS6.8AI score0.00389EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/01/08 6:15 a.m.5 views

CVE-2026-0698

A vulnerability has been found in code-projects Intern Membership Management System 1.0. This affects an unknown function of the file /intern/admin/editstudents.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

7.2CVSS5.8AI score0.00369EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/01/03 5:3 a.m.12 views

CVE-2025-15429

A security vulnerability has been detected in UTT 进取 512W 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. Such manipulation of the argument addCommand leads to buffer overflow. It is possible to launch the attack remotely. The...

9CVSS6.9AI score0.00811EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/31 3:7 p.m.6 views

CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

9CVSS7.1AI score0.00632EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/12/30 12:25 a.m.24 views

SUSE CVE-2025-15095

A security vulnerability has been detected in postmanlabs httpbin up to 0.6.1. This affects an unknown function of the file httpbin-master/httpbin/core.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used...

5.1CVSS5.7AI score0.00253EPSS
Exploits0References3
NVD
NVD
added 2025/12/30 12:15 a.m.8 views

CVE-2025-15210

A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This vulnerability affects unknown code of the file /home/editrefugee.php. Such manipulation of the argument a/b/c/sex/d/e/nationalitynid leads to sql injection. The attack may be launched remotely. Th...

9.8CVSS0.00315EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/29 9:3 p.m.13 views

CVE-2025-15154

A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function getuserip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiat...

6.9CVSS5.3AI score0.00215EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/29 9:5 a.m.9 views

CVE-2025-15127

A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...

7.5CVSS6.8AI score0.00407EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.7 views

PT-2025-53710

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A security issue exists in code-projects Refugee Food Management System 1.0. The manipulation of the tfid argument in the file '/home/viewtakenfd.php' leads to a SQL injection. The attack...

9.8CVSS6.7AI score0.00412EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.7 views

PT-2025-53680

Name of the Vulnerable Software and Affected Versions itsourcecode Online Cake Ordering System version 1.0 Description A flaw exists in itsourcecode Online Cake Ordering System version 1.0 that allows for SQL injection. The issue is located in the /updatecustomer.php?action=edit file. Manipulatio...

9.8CVSS6.8AI score0.00326EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2025/12/26 9:23 p.m.11 views

CVE-2025-15087

A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function submitOrderPayment of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/OrderController.java. Such manipulation of the argument orderSn leads to improper...

5.3CVSS4.9AI score0.00231EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/25 12:30 a.m.5 views

EUVD-2025-205359

A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...

7.5CVSS7.2AI score0.00381EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/12/25 12:0 a.m.4 views

PT-2025-53414

Name of the Vulnerable Software and Affected Versions youlaitech youlai-mall versions 1.0.0 through 2.0.0 Description A security issue has been identified in youlaitech youlai-mall. Manipulation of the orderSn argument within the submitOrderPayment function, located in the file...

5.3CVSS6.4AI score0.00231EPSS
Exploits1References9
NVD
NVD
added 2025/12/14 2:15 p.m.11 views

CVE-2025-14663

A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/updatestudent.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed a...

4.8CVSS0.00202EPSS
Exploits1References5
CVE
CVE
added 2025/12/13 4:2 p.m.16 views

CVE-2025-14620

CVE-2025-14620 affects code-projects Student File Management System 1.0. The vulnerability resides in the /admin/login_query.php component, where manipulation of the Username parameter enables SQL injection. The issue appears to be exploitable remotely, and publicly disclosed exploit details exis...

9.8CVSS6.8AI score0.00453EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/12 9:16 p.m.5 views

CVE-2025-14538

A security vulnerability has been detected in yangshare warehouseManager 仓库管理系统 1.1.0. This affects the function addCustomer of the file CustomerManageHandler.java. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit has been...

5.1CVSS5.3AI score0.00249EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 9:2 p.m.7 views

EUVD-2025-202853

A security vulnerability has been detected in yangshare warehouseManager 仓库管理系统 1.1.0. This affects the function addCustomer of the file CustomerManageHandler.java. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit has been...

5.1CVSS5.1AI score0.00249EPSS
Exploits0References5
OSV
OSV
added 2025/12/05 12:2 a.m.8 views

CVE-2025-14052 youlaitech youlai-mall members getMemberById access control

A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected by this vulnerability is the function getMemberById of the file /mall-ums/app-api/v1/members/. The manipulation of the argument memberId leads to improper access controls. The attack is possible to be carried out...

5.3CVSS6.1AI score0.00225EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.4 views

PT-2025-48430

Name of the Vulnerable Software and Affected Versions moxi159753 Mogu Blog v2 versions up to 5.2 Description A security issue exists in moxi159753 Mogu Blog v2. The FileOperation.unzip function within the ZIP File Handler component, located in the /networkDisk/unzipFile file, is susceptible to pa...

8.8CVSS6AI score0.00552EPSS
Exploits1References11
Rows per page
Query Builder