Lucene search
K

461 matches found

EUVD
EUVD
added 2026/03/08 6:31 a.m.5 views

EUVD-2026-10216

A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made availabl...

7.5CVSS7AI score0.0035EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/03/08 5:32 a.m.6 views

CVE-2026-3709

A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made availabl...

7.5CVSS7AI score0.0035EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/03/08 5:2 a.m.31 views

CVE-2026-3708 code-projects Simple Flight Ticket Booking System login.php sql injection

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS0.0037EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/03/08 4:32 a.m.4 views

CVE-2026-3705 code-projects Simple Flight Ticket Booking System Adminsearch.php sql injection

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno results in sql injection. It is possible to launch the attack remotely. The exploit has been made...

7.5CVSS5.7AI score0.00357EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.5 views

Code-Projects Simple Flight Ticket Booking System SQL注入漏洞

Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the code-projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter...

9.8CVSS7.2AI score0.00357EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/08 12:0 a.m.5 views

PT-2026-23917

Name of the Vulnerable Software and Affected Versions code-projects Simple Flight Ticket Booking System version 1.0 Description A security flaw exists in code-projects Simple Flight Ticket Booking System version 1.0. The issue involves a SQL injection impacting an unknown function within the...

9.8CVSS7AI score0.0037EPSS
Exploits1References13
CNNVD
CNNVD
added 2026/03/08 12:0 a.m.5 views

Code-Projects Simple Flight Ticket Booking System SQL注入漏洞

Code-Projects Simple Flight Ticket Booking System is a simple airline ticket booking system developed by Code-Projects. Version 1.0 of the Code-Projects Simple Flight Ticket Booking System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the Username paramete...

9.8CVSS7.2AI score0.0035EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/08 12:0 a.m.10 views

PT-2026-23941

Name of the Vulnerable Software and Affected Versions Simple Flight Ticket Booking System version 1.0 Description A flaw exists in Simple Flight Ticket Booking System version 1.0, specifically within the SearchResultRoundtrip.php file. Manipulation of input provided to the application through the...

9.8CVSS7AI score0.00345EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-24959

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through = 3.0.1...

8.5CVSS5.8AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.8 views

CVE-2025-67977

Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through = 1.0.8...

8.2CVSS0.00269EPSS
Exploits0References1
NVD
NVD
added 2026/02/16 9:16 a.m.6 views

CVE-2026-2547

A vulnerability was detected in LigeroSmart up to 6.1.26. The impacted element is the function AgentDashboard of the file /otrs/index.pl. Performing a manipulation of the argument Subaction results in cross site scripting. Remote exploitation of the attack is possible. The exploit is now public a...

6.1CVSS0.00296EPSS
Exploits1References6
Patchstack
Patchstack
added 2026/02/04 7:5 a.m.7 views

WordPress WooCommerce Support Ticket System plugin <= 17.7 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Tonn in WordPress Plugin WooCommerce Support Ticket System versions = 17.7...

8.8CVSS8.4AI score0.00905EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/31 12:0 a.m.7 views

WordPress Plugin SupportCandy – Helpdesk & Customer Support Ticket System SQL Injection Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.5CVSS5.8AI score0.00343EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/14 4:6 a.m.6 views

CVE-2025-14581

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submitformreply' AJAX action in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level acces...

5.3CVSS5.5AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2025/12/13 4:16 p.m.4 views

CVE-2025-14581

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submitformreply' AJAX action in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level acces...

4.3CVSS0.00218EPSS
Exploits0References4
CVE
CVE
added 2025/12/13 3:20 a.m.21 views

CVE-2025-14581

CVE-2025-14581 affects the WordPress plugin “HAPPY – Helpdesk Support Ticket System.” The issue is an authorization bypass caused by a missing capability check on the submit_form_reply AJAX action, allowing authenticated users with Subscriber+ privileges to post replies to arbitrary tickets regar...

4.3CVSS5.1AI score0.00218EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/13 3:20 a.m.3 views

CVE-2025-14581 HAPPY – Helpdesk Support Ticket System <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Reply

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'submitformreply' AJAX action in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level acces...

4.3CVSS5.1AI score0.00218EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.5 views

WordPress plugin HAPPY – Helpdesk Support Ticket System 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin...

5.3CVSS6AI score0.00218EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/07 3:54 p.m.5 views

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

10CVSS7.2AI score0.00436EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/06 6:32 p.m.5 views

EUVD-2025-38109

Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Helpdesk Support Ticket System for WooCommerce support-ticket-system-for-woocommerce allows Using Malicious Files.This issue affects Helpdesk Support Ticket System for WooCommerce: from n/a through = 2.1.0...

6.4AI score0.00415EPSS
Exploits0References2
Rows per page
Query Builder