Lucene search

254 matches found

CNNVD | added 2022/11/11 12:0 a.m. | 27 views

ForU CMS cross-site scripting vulnerability

ForU CMS is a website builder system by ForU Open Source. A security vulnerability exists in ForU CMS that originates from unknown code in cmschip.php. An attacker can exploit the vulnerability to cause cross-site scripting through manipulation of parameter names...

CVSS 5.4 | AI score 5.4 | EPSS 0.00344
Exploits 0 | References 3

CNNVD | added 2022/10/18 12:0 a.m. | 4 views

Canteen Management System SQL injection vulnerability

Canteen Management System is a cafeteria management system by individual developer Mayuri K. A security vulnerability exists in Canteen Management System version 1.0 that stems from unknown code in the file login.php; manipulation of the parameter business may result in sql...

CVSS 9.8 | AI score 8.2 | EPSS 0.00656
Exploits 1 | References 3

OSV | added 2022/10/17 12:15 p.m. | 3 views

CVE-2022-3548

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be...

CVSS 4.8 | AI score 3.8 | EPSS 0.0049
Exploits 1 | References 2

CNNVD | added 2022/10/12 12:0 a.m. | 3 views

Media Links routers authorization issue vulnerability

Media Links routers are a series of wireless routers from the Japanese company Media Links. Media Links routers contain an authorization issue vulnerability that originates from unknown code in index.asp, which can be exploited by an attacker to bypass the login screen and gain unauthorized acces...

CVSS 9.8 | AI score 8.4 | EPSS 0.00768
Exploits 1 | References 3

OSV | added 2022/08/27 9:15 a.m. | 4 views

CVE-2022-3014

A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. This vulnerability affects unknown code. The manipulation of the argument studentadd leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is...

CVSS 6.1 | AI score 3.9 | EPSS 0.0049
Exploits 1 | References 2

CNNVD | added 2022/08/11 12:0 a.m. | 3 views

Simple Online Book Store System code issue vulnerability

Simple Online Book Store System is a simple online bookstore system by individual developer Carlo Montero. Simple Online Book Store System has a code issue vulnerability that stems from unknown code in its Admin add.php component that could lead to an unrestricted upload by a remote attacker...

CVSS 9.8 | AI score 8.3 | EPSS 0.00463
Exploits 0 | References 2

CNVD | added 2022/07/01 12:0 a.m. | 29 views

TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53542)

TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. Version 4.3.7 of TrueConf Server is vulnerable to cross-site scripting that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...

CVSS 5.4 | AI score 3.1 | EPSS 0.00577
Exploits 1 | References 1

Prion | added 2022/06/23 5:15 a.m. | 15 views

Cross site request forgery (csrf)

A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely...

CVSS 6.8 | AI score 8.5 | EPSS 0.00557
Exploits 1 | References 2 | Affected Software 1

Cvelist | added 2022/06/20 8:10 p.m. | 15 views

CVE-2017-20066 Adminer Login access control

A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used...

CVSS 5.3 | AI score 7.6 | EPSS 0.004
Exploits 1 | References 3

NVD | added 2022/06/13 7:15 a.m. | 17 views

CVE-2017-20045

A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading t...

CVSS 8.8 | EPSS 0.00453
Exploits 1 | References 2

Prion | added 2022/06/13 7:15 a.m. | 14 views

Cross site request forgery (csrf)

A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading t...

CVSS 6.8 | AI score 8.6 | EPSS 0.00453
Exploits 1 | References 2 | Affected Software 1

Cvelist | added 2022/06/13 6:50 a.m. | 23 views

CVE-2017-20045 Navetti PricePoint cross-site request forgery

A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading t...

CVSS 7.3 | AI score 8.7 | EPSS 0.00453
Exploits 1 | References 2

Prion | added 2022/06/09 11:15 p.m. | 16 views

Information disclosure

A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 addresses this issue. It is...

CVSS 5 | AI score 7.3 | EPSS 0.01335
Exploits 1 | References 2 | Affected Software 8

Veracode | added 2019/05/16 3:19 a.m. | 49 views

Privilege Escalation

Oracle Java SE is vulnerable to privilege escalation. The vulnerability exists in the Java SE, Java SE Embedded component of Oracle Java SE due to an unknown code block of the component Hotspot. An unauthenticated attacker with network access via multiple protocols could compromise...

CVSS 8.3 | AI score 8.5 | EPSS 0.0401
Exploits 0 | References 26 | Affected Software 6