Lucene search
K

9 matches found

EUVD
EUVD
added 2025/12/12 9:31 p.m.6 views

EUVD-2025-203119

A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...

7.5CVSS6.5AI score0.00339EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/11/03 8:39 a.m.11 views

CVE-2025-12594

A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/addaccount.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releas...

7.2CVSS4.9AI score0.00411EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:57 a.m.7 views

CVE-2023-1040

A vulnerability, which was classified as critical, has been found in SourceCodester Online Graduate Tracer System 1.0. Affected by this issue is some unknown functionality of the file tracking/admin/addacc.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

9.8CVSS7.9AI score0.00584EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/20 11:25 p.m.2 views

SUSE CVE-2017-7358

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out...

7.3CVSS7AI score0.02669EPSS
Exploits5References3
CNNVD
CNNVD
added 2023/02/27 12:0 a.m.4 views

Doctors Appointment System SQL注入漏洞

SourceCodester Doctor Appointment System is an application from SourceCodester USA. It provides an appointment scheduling feature. A SQL injection vulnerability exists in SourceCodester Doctors Appointment System version 1.0, which originates from a security issue in the file create-account.php...

8.8CVSS7.7AI score0.0076EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.8 views

The vulnerability in the implementation of the account.php, login.php, and book_car.php scripts of the CMS system, Official Car Rental System, allows a violator to bypass security restrictions.

The vulnerability in the implementation of the account.php, login.php, and bookcar.php scripts of the Official Car Rental System relates to the lack of measures taken to protect the SQL query structure when processing parameters such as uname, pass, and id. Exploiting this vulnerability allows a...

10CVSS7.8AI score0.01557EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2019/02/25 12:0 a.m.4 views

PHP Scripts Mall Online Food Ordering Script Cross-Site Request Forgery Vulnerability

PHP Scripts Mall Online Food Ordering Script is a web-based online food ordering website system from PHP Scripts Mall India. A cross-site request forgery vulnerability exists in the my-account.php file in PHP Scripts Mall Online Food Ordering Script version 1.0, which can be exploited by remote...

8CVSS7.2AI score0.00545EPSS
Exploits1References1
OSV
OSV
added 2017/04/04 9:0 p.m.4 views

UBUNTU-CVE-2017-7358

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out...

7.3CVSS7.2AI score0.02669EPSS
Exploits5References3
OSV
OSV
added 2008/11/06 3:55 p.m.4 views

DEBIAN-CVE-2008-4986

wims 3.62 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/env, b /tmp/sed, and c /tmp/referer-home.log temporary files, related to the 1 coqweb and 2 account.sh scripts...

6.9CVSS6.7AI score0.0039EPSS
Exploits1References1
Rows per page
Query Builder