121 matches found

CNNVD
added 2023/09/10 12:0 a.m. · 2 views

Contact Manager App SQL Injection Vulnerability

Contact Manager App is a contact manager application from the individual developer Remy Andrade. A SQL injection vulnerability exists in Contact Manager App version 1.0, which originates from a SQL injection attack via add.php...

CVSS 9.8 · AI score 8 · EPSS 0.00061
Exploits 1 · References 5
Positive Technologies
added 2023/09/09 12:0 a.m. · 2 views

PT-2023-30923 · Unknown · Sourcecodester Contact Manager App

Name of the Vulnerable Software and Affected Versions: SourceCodester Contact Manager App version 1.0 Description: A critical issue has been found in the SourceCodester Contact Manager App, affecting the processing of the file add.php. The manipulation of the contactName argument leads to SQL...

CVSS 9.8 · AI score 7.2 · EPSS 0.00061
Exploits 1 · References 6
Vulnrichment
added 2023/09/01 12:0 a.m. · 10 views

CVE-2023-36076

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php...

AI score 8.6 · EPSS 0.48131
Exploits 1 · References 1
Veracode
added 2023/01/27 8:3 a.m. · 23 views

Cross-Site Scripting (XSS)

phpmyfaq is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to improper user input sanitization in add.php which allows an attacker to inject and execute arbitrary scripts...

CVSS 6.1 · AI score 6 · EPSS 0.00674
Exploits 0 · References 3 · Affected Software 2
NVD
added 2023/01/02 8:15 a.m. · 8 views

CVE-2014-125032

A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The identifier of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. ...

CVSS 9.8 · AI score 7 · EPSS 0.00297
Exploits 0 · References 3
CVE
added 2023/01/02 7:50 a.m. · 63 views

CVE-2014-125032

CVE-2014-125032 affects porpeeranut go-with-me; a SQL injection exists in the file module/frontend/add.php. The vulnerability results from manipulation of the noted file’s functionality, enabling likely unauthorized data access or modification. A patch identified as b92451e4f9e85e26cf493c95ea0a6...

CVSS 9.8 · AI score 7 · EPSS 0.00297
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2023/01/02 7:50 a.m. · 11 views

CVE-2014-125032 porpeeranut go-with-me add.php sql injection

A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The identifier of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. ...

CVSS 5.5 · AI score 7.6 · EPSS 0.00297
Exploits 0 · References 3
Cvelist
added 2022/08/11 4:56 a.m. · 9 views

CVE-2022-2746 SourceCodester Simple Online Book Store System Admin_ add.php unrestricted upload

A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the identifier assigne...

CVSS 6.3 · AI score 9.8 · EPSS 0.00349
Exploits 0 · References 1
OSV
added 2021/07/07 2:15 p.m. · 2 views

CVE-2020-24141

Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the fileremote parameter to download-add.php. It can help identify open ports, local network hosts and execute...

CVSS 5.3 · AI score 6.1 · EPSS 0.0019
Exploits 0 · References 1
Prion
added 2021/07/07 2:15 p.m. · 22 views

Server side request forgery (ssrf)

Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the fileremote parameter to download-add.php. It can help identify open ports, local network hosts and execute...

CVSS 5 · AI score 5.5 · EPSS 0.0019
Exploits 0 · References 1 · Affected Software 1
NVD
added 2020/03/23 9:15 p.m. · 12 views

CVE-2020-8866

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of...

CVSS 6.5 · AI score 5.5 · EPSS 0.03533
Exploits 4 · References 3
OSV
added 2020/03/23 9:15 p.m. · 1 views

DEBIAN-CVE-2020-8866

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of...

CVSS 6.5 · AI score 4.7 · EPSS 0.03533
Exploits 4 · References 1
OSV
added 2020/03/23 9:15 p.m. · 0 views

UBUNTU-CVE-2020-8866

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of...

CVSS 6.5 · AI score 5.8 · EPSS 0.03533
Exploits 4 · References 5
UbuntuCve
added 2020/03/23 9:15 p.m. · 23 views

CVE-2020-8866

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of...

CVSS 6.5 · AI score 5.8 · EPSS 0.03533
Exploits 4 · References 4
Cvelist
added 2020/03/23 8:15 p.m. · 18 views

CVE-2020-8866

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of...

CVSS 4.3 · AI score 6.5 · EPSS 0.03533
Exploits 4 · References 3
Debian CVE
added 2020/03/23 8:15 p.m. · 17 views

CVE-2020-8866

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of...

CVSS 6.5 · AI score 5 · EPSS 0.03533
Exploits 4
CVE
added 2020/03/23 8:15 p.m. · 71 views

CVE-2020-8866

CVE-2020-8866 affects Horde Groupware Webmail Edition 5.2.22, with a flaw in add.php where insufficient validation of user-supplied data allows remote attackers (authenticated) to upload arbitrary files. This can enable code execution in the www-data context when combined with other vulnerabiliti...

CVSS 6.5 · AI score 6.5 · EPSS 0.03533
Exploits 4 · References 3 · Affected Software 2
CNVD
added 2020/03/16 12:0 a.m. · 1 views

Horde Groupware Webmail Code Issue Vulnerability

Horde Groupware Webmail is a browser-based, enterprise-class communications suite from Horde, Inc. A code issue vulnerability exists in the add.php script in Horde Groupware Webmail Edition version 5.2.22, which stems from the program failing to properly validate user-submitted input. An attacker...

CVSS 6.5 · AI score 7.3 · EPSS 0.03897
Exploits 4 · References 1
Positive Technologies
added 2020/03/10 12:0 a.m. · 2 views

PT-2020-20337 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: This issue allows remote attackers to create arbitrary files on affected installations. Authentication is required to exploit this. The flaw exists within the add.php file and result...

CVSS 6.5 · AI score 4.9 · EPSS 0.03533
Exploits 4 · References 18
Positive Technologies
added 2020/03/08 12:0 a.m. · 3 views

PT-2020-11982 · Phpgurukul · Phpgurukul Online Book Store

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Book Store version 1.0 Description: An unauthenticated file upload issue has been identified in the admin add.php file. This could be exploited by a remote attacker to upload content, including PHP files, potentially leading...

CVSS 9.8 · AI score 9.6 · EPSS 0.13529
Exploits 1 · References 3