CVE-2026-37590

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/managerent.php...

SourceCodester Storage Unit Rental Management System 安全漏洞

The SourceCodester Storage Unit Rental Management System is an open-source system developed by SourceCodester, designed to help manage rental records for storage units and monitor those records. Version 1.0 of the SourceCodester Storage Unit Rental Management System contains a security...

CVE-2026-37589

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in /storage/admin/maintenance/manage_storage_unit.php. The CVE entry (CVE-2026-37589) is corroborated by multiple sources (NVD, ENISA EUVD, CVE List, AttackersKB, CVE enrichment) indicating a SQL injection fl...

CVE-2026-3750

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

CVE-2026-3750

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

CVE-2026-3750 ContiNew Admin Storage Management S3ClientFactory.java URI.create server-side request forgery

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

CVE-2026-3750

CVE-2026-3750 affects ContiNew Admin up to 4.2.0; the vulnerability lies in the function URI.create in continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the Storage Management Module, enabling server-side request forgery. The issue can be exploited remotely (...

CVE-2026-3750

A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

CVE-2022-42250

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/inquiries/viewdetails.php?id=...

CVE-2022-42243

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/managestorage.php?id=...

CVE-2022-42230

Simple Cold Storage Management System v1.0 is vulnerable to SQL Injection via /csms/admin/?page=user/manageuser=...

CVE-2025-68919

Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express DX / AF Management Software before 16.8-16.9.1 PA 2025-12, when collected maintenance data is accessible by a principal/authority other than ETERNUS SF Admin, allows an attacker to potentially affect system confidentiality, integrity, and...

CVE-2025-13813

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

CVE-2025-13813

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

CVE-2025-13813 moxi159753 Mogu Blog v2 Storage Management Endpoint storage authorization

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

EUVD-2025-199958

A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be initiated remotely. The attack's complexity is rat...

Mogu blog 安全漏洞

Mogu blog 蘑菇博客 is a micro-architecture based front-end and back-end shared blogging system by individual developers in Streamlet, China. A security vulnerability exists in Mogu blog v2 5.2 and earlier versions, which originates from a lack of authorization checking in the file /storage/ in the...

PT-2025-48416

Name of the Vulnerable Software and Affected Versions moxi159753 Mogu Blog versions up to 5.2 Description A flaw exists in the Storage Management Endpoint component of moxi159753 Mogu Blog. The issue involves unauthorized processing of the /storage/ file, leading to a missing authorization check...

AMD StoreMI 安全漏洞

AMD StoreMI is an intelligent storage management technology developed by AMD that automatically optimizes the location of data storage to improve system performance by combining the benefits of solid state drives SSDs and mechanical hard drives HDDs. AMD StoreMI suffers from a default privilege...