185 matches found
CVE-2023-1005
A vulnerability was found in JP1016 Markdown-Electron and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Continuous delivery...
CVE-2023-0982
A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Add Class Entry. The manipulation of the argument id leads to sql injection. The attack can be launched...
java-xmlbuilder vulnerable to XML External Entity Reference
A vulnerability was found in java-xmlbuilder up to 1.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to xml external entity reference. Upgrading to version 1.2 is able to address this issue. The name of the patch is...
shadow security vulnerability
shadow is a suite of tools used to maintain Debian systems. A security vulnerability exists in shadow, which stems from the presence of some unknown functionality in the program, resulting in a denial of service...
prodigasistemas curupira SQL injection vulnerability
curupira is a simple authentication and authorization method from Pródiga Sistemas open source. A SQL injection vulnerability exists in prodigasistemas curupira, which stems from the presence of unknown functionality in the file app/controllers/curupira/passwordscontroller.rb, leading to SQL...
clan7ups SQL injection vulnerability
clan7ups is an offshoot of the old Destiny Universal Point System. An SQL injection vulnerability exists in antonbolling clan7ups, which stems from a problem with the unknown functionality of the component Login/Session, leading to SQL injection...
PT-2023-10225 · Unknown · Lolfeedback
Name of the Vulnerable Software and Affected Versions: lolfeedback affected versions not specified Description: A critical issue has been found, affecting an unknown functionality, which leads to sql injection. Recommendations: At the moment, there is no information about a newer version that...
classroom-engagement-system SQL injection vulnerability
classroom-engagement-system is a classroom engagement system by the individual developer Alexander Harding. A SQL injection vulnerability exists in classroom-engagement-system, which stems from a problem with some unknown functionality that can lead to sql injection...
CVE-2015-10036
A vulnerability was found in kylebebak dronfelipe. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 87405b74fe651892d79d0dff62ed17a7eaef6a60. It is recommended to apply a patch to fix this...
PT-2023-10215 · Dronfelipe +1 · Dronfelipe
Name of the Vulnerable Software and Affected Versions: kylebebak dronfelipe affected versions not specified Description: A critical issue has been identified, affecting an unknown functionality, which can be manipulated to lead to sql injection. Recommendations: Apply the patch...
CVE-2014-125062
A vulnerability classified as critical was found in ananich bitstorm. Affected by this vulnerability is an unknown functionality of the file announce.php. The manipulation of the argument event leads to sql injection. The identifier of the patch is ea8da92f94cdb78ee7831e1f7af6258473ab396a. It is...
NeoXplora cross-site scripting vulnerability
NeoXplora is an application by kkokko Personal Developer. NeoXplora suffers from a cross-site scripting vulnerability that stems from some unknown functionality of the component Trainer Handler, which leads to cross-site scripting...
PT-2022-28118 · Hotcrp · Hotcrp
Name of the Vulnerable Software and Affected Versions: HotCRP affected versions not specified Description: A vulnerability was found in HotCRP, rated as problematic. It affects some unknown functionality and leads to cross-site scripting. The attack can be launched remotely. Recommendations: To f...
National Sleep Research Resource cross-site scripting vulnerability
National Sleep Research Resource is an open source national sleep research resource system by National Sleep Research Resource. A cross-site scripting vulnerability exists in National Sleep Research Resource versions prior to 59.0.0 that stems from the presence of unknown functionality...
PT-2022-27219 · Unknown · Ipti Br.Tag
Name of the Vulnerable Software and Affected Versions: ipti br.tag versions prior to 2.13.0 Description: A vulnerability was found in ipti br.tag, which has been declared as problematic. The manipulation of an unknown functionality leads to cross-site scripting. The attack can be launched remotel...
PT-2022-26598 · Facepay · Facepay
Name of the Vulnerable Software and Affected Versions: Facepay version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the userId argument leads to authorization...
JreCMS security vulnerability
JreCMS is a website builder from JreCMS Inc. A security vulnerability exists in JreCMS that stems from some unknown functionality in the component template management...
CVE-2022-4014
A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this...
Sanitization Management System cross-site scripting vulnerability
Sanitization Management System is a sanitization management system by Carlo Montero Personal Developer. A security vulnerability exists in Sanitization Management System, which originates from unknown functionality in the component the file admin/?page=systeminf, and can be exploited by an attack...
Bento4 resource management error vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. Bento4 suffers from a resource management error vulnerability that stems from the component not completing a fix for some unknown functionality of CVE-2019-13238, resulting in resource consumption...