Lucene search
+L

34 matches found

Cvelist
Cvelist
added 2026/03/02 3:50 p.m.30 views

CVE-2025-52563 Chamilo: Reflected XSS via page parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting XSS vulnerability due to insufficient sanitization of the page parameter in the session/adduserstosession.php endpoint. This issue has been patched in version 1.11.30...

5.1CVSS0.00155EPSS
Exploits0References2
CNVD
CNVD
added 2026/01/19 12:0 a.m.5 views

Cyber Cafe Management System add-users.php Endpoint SQL Injection Vulnerability

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that stems from the username parameter of the add-users.php endpoint not adequately validating user input, no details of the vulnerability are available at...

9.8CVSS5.9AI score0.00414EPSS
Exploits2References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.7 views

Cyber Cafe Management System add-users.php Endpoint Cross-Site Scripting Vulnerability

Cyber Cafe Management System is an internet cafe management system. A cross-site scripting vulnerability exists in Cyber Cafe Management System that stems from the uadd parameter of the add-users.php endpoint not being sufficiently cleaned up or coded for user input, and for which no detailed...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.18 views

Cyber Cafe Management System add-users.php Endpoint Cross-Site Scripting Vulnerability

Cyber Cafe Management System is an internet cafe management system. A cross-site scripting vulnerability exists in Cyber Cafe Management System that stems from the username parameter of the add-users.php endpoint not adequately handling the input, no details of the vulnerability are available at...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/16 2:20 a.m.9 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/16 12:24 a.m.7 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS7.8AI score0.00414EPSS
Exploits2References1
OSV
OSV
added 2026/01/15 9:16 p.m.25 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS5.8AI score0.00414EPSS
Exploits2References2
NVD
NVD
added 2026/01/15 9:16 p.m.10 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS0.00414EPSS
Exploits2References2
OSV
OSV
added 2026/01/15 9:16 p.m.9 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.8AI score0.00216EPSS
Exploits2References2
NVD
NVD
added 2026/01/15 9:16 p.m.13 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS0.00216EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/01/15 12:0 a.m.5 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

9.8CVSS6AI score0.00414EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/01/15 12:0 a.m.2 views

CVE-2025-70891

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

6.1CVSS5.4AI score0.00216EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/01/15 12:0 a.m.4 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.4AI score0.00216EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2026/01/15 12:0 a.m.4 views

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

7.5AI score0.00414EPSS
Exploits2References2
EUVD
EUVD
added 2026/01/15 12:0 a.m.7 views

EUVD-2026-2684

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

6.1CVSS5.2AI score0.00216EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.9 views

PT-2026-3114

Name of the Vulnerable Software and Affected Versions Cyber Cafe Management System version 1.0 Description A stored cross-site scripting XSS issue exists. An authenticated attacker can inject arbitrary JavaScript code into the username parameter through the ''/add-users.php'' endpoint. The inject...

6.1CVSS5.9AI score0.00216EPSS
Exploits2References5
CVE
CVE
added 2026/01/15 12:0 a.m.16 views

CVE-2025-70892

CVE-2025-70892 affects Phpgurukul Cyber Cafe Management System v1.0. A SQL Injection flaw exists in the user management module via the add-users.php endpoint, specifically in the username parameter where input is not properly validated. This vulnerability is described across multiple sources (NVD...

9.8CVSS7.5AI score0.00414EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2026/01/15 12:0 a.m.15 views

CVE-2025-70891

CVE-2025-70891 is a stored XSS vulnerability in Phpgurukul Cyber Cafe Management System v1.0, affecting the add-users.php endpoint’s uadd parameter. The issue arises from insufficient sanitization/encoding of user input, allowing an authenticated attacker to persistently store arbitrary JavaScrip...

6.1CVSS5.4AI score0.00216EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2026/01/15 12:0 a.m.25 views

CVE-2025-70891

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

0.00216EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/01/15 12:0 a.m.25 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

0.00216EPSS
Exploits2References2
Rows per page
Query Builder