Lucene search
K

1044 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/18 10:32 a.m.4 views

CVE-2026-1118

A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/addactivity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

9.8CVSS5.4AI score0.00323EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/18 10:32 a.m.5 views

CVE-2026-1118 itsourcecode Society Management System add_activity.php sql injection

A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/addactivity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

6.5CVSS5.6AI score0.00323EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/18 12:0 a.m.8 views

Itsourcecode Society Management System SQL Injection Vulnerability

itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “Title” in the file...

9.8CVSS5.8AI score0.00323EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/18 12:0 a.m.7 views

PT-2026-3386

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A SQL injection issue exists in itsourcecode Society Management System 1.0. The issue is located in the file /admin/add activity.php. Manipulating the Title argument can lead to SQ...

9.8CVSS6.5AI score0.00323EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.10 views

CVE-2023-43358

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component...

5.4CVSS6.9AI score0.00498EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.4 views

CVE-2023-31800

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...

5.4CVSS6.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:30 p.m.5 views

CVE-2023-40877

DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting XSS vulnerability at /dede/freelistedit.php via the title parameter...

5.4CVSS6.2AI score0.00387EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.9 views

CVE-2022-26624

Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting XSS vulnerability via the Title parameter in /vendor/views/addproduct.php...

6.1CVSS6.2AI score0.00902EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.7 views

PT-2026-1979

Name of the Vulnerable Software and Affected Versions Intern Membership Management System version 1.0 Description A SQL injection issue exists in the Intern Membership Management System. The issue is located in the file /intern/admin/add activity.php. Manipulation of the Title argument can lead t...

7.2CVSS5.5AI score0.0033EPSS
Exploits1References10
NVD
NVD
added 2026/01/05 9:15 a.m.8 views

CVE-2026-0582

A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...

9.8CVSS0.00272EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/05 8:32 a.m.31 views

CVE-2026-0582 itsourcecode Society Management System edit_activity_query.php sql injection

A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...

6.5CVSS0.00272EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/05 8:32 a.m.6 views

EUVD-2026-0900

A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...

6.5CVSS6.3AI score0.00272EPSS
Exploits1References7
CVE
CVE
added 2026/01/05 8:32 a.m.21 views

CVE-2026-0582

The CVE pertains to itsourcecode Society Management System 1.0. A SQL injection vulnerability exists in the file /admin/edit_activity_query.php triggered by manipulating the Title parameter, with exploitation described as remote and publicly available. Affected component/file: /admin/edit_activit...

9.8CVSS6.5AI score0.00272EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/01/05 12:0 a.m.7 views

itsourcecode Society Management System SQL注入漏洞

itsourcecode Society Management System is an itsourcecode open source society management system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Society Management System, which stems from an incorrect manipulation of the parameter Title in the file /admin/editactivityquery.ph...

9.8CVSS6.9AI score0.00272EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/02 6:37 p.m.15 views

CVE-2025-15407

A vulnerability has been found in code-projects Online Guitar Store 1.0. This impacts an unknown function of the file /admin/Createcategory.php. Such manipulation of the argument dreCtitle leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public an...

9.8CVSS7AI score0.00329EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/01 6:2 p.m.4 views

CVE-2025-15408 code-projects Online Guitar Store Create_product.php sql injection

A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Createproduct.php. Performing a manipulation of the argument dretitle results in sql injection. The attack is possible to be carried out remotely. The exploit has been made publi...

7.5CVSS7.1AI score0.00329EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/01 6:2 p.m.5 views

CVE-2025-15408

A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Createproduct.php. Performing a manipulation of the argument dretitle results in sql injection. The attack is possible to be carried out remotely. The exploit has been made publi...

9.8CVSS7.1AI score0.00329EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.45 views

PT-2026-1014

Name of the Vulnerable Software and Affected Versions code-projects Online Guitar Store version 1.0 Description A SQL injection issue exists in code-projects Online Guitar Store version 1.0. The issue is located in an unknown function within the /admin/Create product.php file. Manipulating the dr...

9.8CVSS7.2AI score0.00329EPSS
Exploits1References12
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Bold Timeline Lite plugin <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'title' Parameter in 'boldtimelinegroup' Shortcode vulnerability discovered by zaim in WordPress Plugin Bold Timeline Lite versions = 1.2.7...

6.4CVSS5.9AI score0.00245EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/27 2:15 p.m.8 views

CVE-2025-54322

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used...

9.8CVSS6.4AI score0.13992EPSS
Exploits2References2
Rows per page
Query Builder