Lucene search
+L

7 matches found

EUVD
EUVD
added 2026/07/08 12:22 a.m.9 views

EUVD-2026-42148

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...

5.4CVSS6AI score0.00394EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.7 views

CVE-2024-40456

ThinkSAAS v3.7.0 was discovered to contain a SQL injection vulnerability via the name parameter at \system\action\update.php...

9.8CVSS8.2AI score0.0051EPSS
Exploits1References1
OSV
OSV
added 2024/02/07 12:15 a.m.6 views

CVE-2024-1264

A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical. Affected by this vulnerability is the function actionUpdate of the file /api/controllers/common/UploadsController.php. The manipulation of the argument imgage leads to unrestricted upload. The attack can be...

9.8CVSS5.4AI score0.00592EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.8 views

PT-2024-17680 · Juanpao · Jpshop

Name of the Vulnerable Software and Affected Versions: Juanpao JPShop versions up to 1.5.02 Description: A critical issue was found in the function actionUpdate of the file /api/controllers/merchant/shop/PosterController.php of the component API. The manipulation of the argument pic url leads to...

9.8CVSS6.5AI score0.00592EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.8 views

PT-2024-17676 · Juanpao · Jpshop

Name of the Vulnerable Software and Affected Versions: Juanpao JPShop versions up to 1.5.02 Description: A critical issue has been found in the API component, specifically affecting the actionUpdate function of the /api/controllers/merchant/design/MaterialController.php file. The manipulation of...

9.8CVSS6.6AI score0.00592EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/01/13 12:0 a.m.6 views

PT-2024-15601 · Unknown · Fighting Cock Information System

Name of the Vulnerable Software and Affected Versions: Fighting Cock Information System version 1.0 Description: A critical issue has been found in the processing of the file admin/action/update mother.php, where the manipulation of the age mother argument leads to sql injection. The attack can b...

9.8CVSS7AI score0.00517EPSS
Exploits0References6
OSV
OSV
added 2022/06/02 2:15 p.m.4 views

CVE-2021-44096

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profileaction - updateuser. This allows a remote attacker to compromise Application SQL database...

9.8CVSS5.9AI score0.0122EPSS
Exploits1References2
Rows per page
Query Builder