Lucene search
K

190 matches found

OSV
OSV
added 2025/04/03 7:15 p.m.2 views

CVE-2025-3175

A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /saveusereditprofile.php. The manipulation of the argument firstName leads to sql injection. The attack may be launched...

9.8CVSS6.9AI score0.00478EPSS
Exploits0References4
CVE
CVE
added 2025/03/24 7:0 p.m.89 views

CVE-2025-2707

CVE-2025-2707 affects zhijiantianya ruoyi-vue-pro 2.4.1. The root cause is a path traversal vulnerability in the Front-End Store Interface file endpoint /app-api/infra/file/upload, allowing manipulation of the path argument. The issue is exploitable remotely, with public exploit disclosures. Affe...

9.1CVSS7AI score0.00809EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.7 views

PT-2025-11551

Name of the Vulnerable Software and Affected Versions 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e Description A vulnerability was found in 猫宁i Morning, affecting an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The...

5.3CVSS6AI score0.00241EPSS
Exploits0References12
OSV
OSV
added 2025/03/04 9:15 p.m.5 views

CVE-2025-1955

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

5.4CVSS3.6AI score0.00338EPSS
Exploits1References5
OSV
OSV
added 2025/02/23 11:15 a.m.4 views

CVE-2025-1581

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

9.8CVSS5.8AI score0.00422EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/20 12:0 a.m.6 views

PT-2025-2206 · Obsproject · Obs Studio

Name of the Vulnerable Software and Affected Versions: obsproject OBS Studio versions up to 30.0.2 Description: A vulnerability has been found in obsproject OBS Studio, affecting an unknown functionality. The manipulation leads to an untrusted search path. The attack needs to be approached locall...

4.5CVSS4.8AI score0.00199EPSS
Exploits0References9
OSV
OSV
added 2025/01/12 2:15 p.m.2 views

CVE-2025-0398

A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The...

5.1CVSS3.6AI score0.00308EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.6 views

PT-2025-3832 · Unknown · Code-Projects Online Bike Rental System

Name of the Vulnerable Software and Affected Versions: code-projects Online Bike Rental System version 1.0 Description: A critical issue has been found in the Change Image Handler component, allowing for unrestricted upload. This can be exploited remotely. The issue affects some unknown...

9.8CVSS7AI score0.00507EPSS
Exploits1References9
OSV
OSV
added 2024/12/30 2:15 a.m.4 views

CVE-2024-13033

A vulnerability, which was classified as problematic, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The...

6.1CVSS3.8AI score0.00299EPSS
Exploits0References4
OSV
OSV
added 2024/12/26 3:15 a.m.4 views

CVE-2024-12932

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting. The attack can be launched...

4.6CVSS3.7AI score0.00389EPSS
Exploits0References5
NVD
NVD
added 2024/11/12 3:15 p.m.44 views

CVE-2024-11127

A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploi...

8.8CVSS0.00484EPSS
Exploits1References5
CVE
CVE
added 2024/11/08 4:0 a.m.54 views

CVE-2024-10988

The CVE-2024-10988 entry affects code-projects E-Health Care System v1.0, where the vulnerability lies in the file /Doctor/doctor_login.php. The root cause is improper handling of the email parameter, enabling SQL injection that can be triggered remotely and may affect multiple parameters. Severa...

9.1CVSS7.6AI score0.00624EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/11/01 11:31 a.m.43 views

CVE-2024-10654 TOTOLINK LR350 formLoginAuth.htm authorization

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be...

6.9CVSS0.01532EPSS
Exploits1References6
CVE
CVE
added 2024/10/20 5:0 a.m.52 views

CVE-2024-10173

CVE-2024-10173 affects the didi DDMQ 1.0 Console Module. The vulnerability stems from input manipulation of "/;login" that results in improper authentication. It can be exploited remotely, and public disclosures exist. Several connected sources (NVD, Red Hat, CVE list, and related feeds) describe...

7.5CVSS7.2AI score0.00702EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2024/10/20 3:15 a.m.3 views

CVE-2024-10165

A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file deletecustcom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The explo...

9.8CVSS5.8AI score0.00663EPSS
Exploits1References4
OSV
OSV
added 2024/09/11 7:15 p.m.5 views

CVE-2024-8692

A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The...

9.8CVSS5.2AI score0.00513EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.3 views

PT-2024-39190 · Unknown · Code-Projects Inventory Management

Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management version 1.0 Description: A critical vulnerability was found in the code-projects Inventory Management software. The issue affects an unknown functionality of the file /model/viewProduct.php of the component...

8.8CVSS7.2AI score0.00579EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.5 views

PT-2024-38989 · Unknown · Alwindoss Akademy

Name of the Vulnerable Software and Affected Versions: alwindoss akademy up to 35caccea888ed63d5489e211c99edff1f62efdba Description: A problem has been found in an unknown functionality of the file cmd/akademy/handler/handlers.go. The manipulation of the emailAddress argument leads to cross-site...

5.4CVSS4.2AI score0.00449EPSS
Exploits1References10
OSV
OSV
added 2024/08/27 6:15 p.m.5 views

CVE-2024-8209

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file addClient.php. The manipulation of the argument CLIENT ID leads to cross site scripting. The attack may be launched...

6.1CVSS3.6AI score0.00325EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/18 7:0 a.m.18 views

CVE-2024-7903 DedeBIZ File Extension media_add.php unrestricted upload

A vulnerability was found in DedeBIZ 6.3.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/mediaadd.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack can be...

6.5CVSS7AI score0.00722EPSS
Exploits1References4
Rows per page
Query Builder