Lucene search
K

189 matches found

Vulnrichment
Vulnrichment
added 2026/01/20 12:32 a.m.4 views

CVE-2026-1197 MineAdmin downloadById information disclosure

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as...

3.1CVSS4.9AI score0.00332EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/18 12:0 a.m.9 views

PT-2026-3397

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A security flaw exists in Yonyou KSOA 9.0 related to the manipulation of the ID parameter within an HTTP GET request to the file '/worksheet/work report.jsp'. This manipulation can lead to SQL injection...

9.8CVSS7.2AI score0.00414EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.6 views

CVE-2024-2276

A vulnerability has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Venuecontroller/editvenue/ of the component Edit Venue Page. The manipulation of the argument...

6.1CVSS6AI score0.00488EPSS
Exploits1References1
OSV
OSV
added 2026/01/05 3:15 p.m.7 views

CVE-2026-0597

A flaw has been found in Campcodes Supplier Management System 1.0. Affected by this issue is some unknown functionality of the file /retailer/editprofile.php. This manipulation of the argument txtRetailerAddress causes sql injection. Remote exploitation of the attack is possible. The exploit has...

9.8CVSS5.7AI score0.00277EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/04 12:2 p.m.4 views

EUVD-2026-0779

A vulnerability has been found in code-projects Online Product Reservation System 1.0. Affected by this issue is some unknown functionality of the file /handgunner-administrator/delete.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The explo...

7.5CVSS7.2AI score0.00466EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/12/18 11:36 p.m.3 views

CVE-2025-14836

A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/usersave.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has...

5.1CVSS6.2AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.5 views

PT-2025-51185

A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this issue is some unknown functionality of the file /ExportFiles/. The manipulation results in files or directories accessible. The attack may be launched remotel...

6.3CVSS6.4AI score0.00274EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/13 6:30 p.m.5 views

EUVD-2025-203265

A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file loginquery.php. Performing manipulation of the argument studno results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.5AI score0.00436EPSS
Exploits1References7
OSV
OSV
added 2025/12/12 7:16 p.m.3 views

CVE-2025-14571

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowbook.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS5.8AI score0.00393EPSS
Exploits1References4
OSV
OSV
added 2025/12/11 9:15 p.m.2 views

CVE-2025-14537

A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument courseyearsection/semester causes sql injection. Remote exploitation of the attack is possible...

9.8CVSS5.7AI score0.0035EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49578

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A flaw exists in itsourcecode Student Management System 1.0, specifically within the file /newsubject.php. The sub argument is susceptible to SQL injection, allowing for remote...

7.5CVSS7.8AI score0.00339EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49529

Name of the Vulnerable Software and Affected Versions Yottamaster DM2 versions prior to 1.2.23 Yottamaster DM3 versions prior to 1.2.23 Yottamaster DM200 versions prior to 1.2.23 Yottamaster DM2 versions prior to 1.9.12 Yottamaster DM3 versions prior to 1.9.12 Yottamaster DM200 versions prior to...

9.8CVSS4.6AI score0.00673EPSS
Exploits1References12
NVD
NVD
added 2025/12/07 6:16 p.m.4 views

CVE-2025-14201

A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected by this vulnerability is an unknown functionality of the file /dishsub.php. The manipulation of the argument item.name results in cross site scripting. I...

4.8CVSS0.00237EPSS
Exploits1References4
NVD
NVD
added 2025/11/23 11:15 a.m.4 views

CVE-2025-13546

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the component Search. The manipulation of the argument userquery results in sql injection. The attack can be...

9.8CVSS0.00317EPSS
Exploits1References4
NVD
NVD
added 2025/11/23 10:15 a.m.4 views

CVE-2025-13545

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

7.2CVSS0.00334EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/23 12:0 a.m.5 views

Travel Agency 代码问题漏洞

Travel Agency is a travel management website by Ashraf Kabir, an individual developer. Travel Agency has a code issue vulnerability that stems from the presence of unknown functionality in the file /customerregister.php, which could lead to unlimited uploads...

9.8CVSS6.5AI score0.0033EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/18 10:49 p.m.5 views

CVE-2025-13303

A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Consignment causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

9.8CVSS7.1AI score0.00328EPSS
Exploits1References1
CVE
CVE
added 2025/11/16 5:32 a.m.17 views

CVE-2025-13238

CVE-2025-13238 affects Bdtask Flight Booking Software 4. The Edit Profile Page component (/agent/profile/edit) is susceptible to manipulation that enables unrestricted file uploads. The flaw can be exploited remotely and has publicly available exploit materials. Multiple sources corroborate the i...

8.8CVSS6.2AI score0.00283EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/11/15 6:30 p.m.6 views

EUVD-2025-197702

A vulnerability was determined in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality. This manipulation causes exposure of information through directory listing. The attack is possible to be carried out remotely. The exploit has been publicly...

6.9CVSS5.1AI score0.00402EPSS
Exploits1References6
NVD
NVD
added 2025/11/15 4:15 p.m.6 views

CVE-2025-13201

A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

9.8CVSS0.00411EPSS
Exploits1References5
Rows per page
Query Builder