Lucene search
K

608 matches found

OSV
OSV
added 2025/02/12 3:15 p.m.3 views

CVE-2025-1202

A vulnerability classified as critical has been found in SourceCodester Best Church Management Software 1.1. Affected is an unknown function of the file /admin/editslider.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has...

6.5CVSS5.7AI score0.00355EPSS
Exploits1References5
OSV
OSV
added 2025/02/12 12:15 p.m.8 views

CVE-2025-1195

A vulnerability, which was classified as problematic, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of the file /Admin/EditCategory. The manipulation of the argument CategoryId leads to cross site scripting. The attack may b...

5.4CVSS4AI score0.00313EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.4 views

PT-2025-6847 · Sourcecodester · Sourcecodester Best Church Management

Name of the Vulnerable Software and Affected Versions: SourceCodester Best Church Management Software version 1.1 Description: A critical issue has been found in the software, affecting an unknown function of the file /admin/edit slider.php. The manipulation of the id argument leads to SQL...

6.5CVSS7.4AI score0.00355EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/02/05 1:45 p.m.7 views

CVE-2020-13566

SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/editgroup.php, when the POST parameter action is “Delete”, the POST parameter deletegroup leads to a SQL...

8.8CVSS8AI score0.01576EPSS
Exploits1
OSV
OSV
added 2025/02/03 12:0 a.m.5 views

CVE-2025-25062

An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It doesn't sufficiently isolate long text content when the CKEditor 5 rich text editor is used. This allows a potential attacker to craft specialized HTML and JavaScript that may be executed when an...

4.4CVSS5.5AI score0.01659EPSS
Exploits3References5
OSV
OSV
added 2025/01/17 8:15 p.m.5 views

CVE-2025-0536

A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/editaction.php. The manipulation of the argument attendanceid leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS6.5AI score0.0053EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.4 views

1000 Projects Attendance Tracking Management System 注入漏洞

1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Attendance Tracking Management System, which originates from the parameter attendanceid in file...

9.8CVSS7.1AI score0.0053EPSS
Exploits1References6
OSV
OSV
added 2025/01/13 5:15 p.m.8 views

CVE-2024-57488

Code-Projects Online Car Rental System 1.0 is vulnerable to Cross Site Scripting XSS via the vehicalorcview parameter in /admin/edit-vehicle.php...

6.5CVSS5.8AI score0.02424EPSS
Exploits3References2
OSV
OSV
added 2024/12/31 6:15 p.m.4 views

CVE-2024-13076

A vulnerability, which was classified as problematic, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/edit-propertytype.php. The manipulation of the argument Property Type leads to cross site scripting. The attack may be initiated...

5.4CVSS3.8AI score0.00347EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/12/31 12:0 a.m.3 views

PHPGurukul Land Record System 安全漏洞

PHPGurukul Land Record System is a land management system from PHPGurukul. A security vulnerability exists in PHPGurukul Land Record System version 1.0, which originates from the parameter Property Type in the file /admin/edit-propertytype.php that leads to cross-site scripting...

5.4CVSS4.3AI score0.00347EPSS
Exploits1References1
CNVD
CNVD
added 2024/12/30 12:0 a.m.1 views

Small CRM /admin/edit-user.php File SQL Injection Vulnerability

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from an SQL injection vulnerability in the id parameter of the /admin/edit-user.php file. An attacker can exploit this vulnerability to obtain sensitive information or...

9.8CVSS7.7AI score0.00479EPSS
Exploits1References1
OSV
OSV
added 2024/12/29 4:15 p.m.4 views

CVE-2024-13016

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-category.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS5.8AI score0.0039EPSS
Exploits0References4
OSV
OSV
added 2024/12/29 2:15 a.m.4 views

CVE-2024-12999

A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

9.8CVSS5.8AI score0.00479EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/12/29 12:0 a.m.3 views

PT-2024-17859 · Unknown · Phpgurukul Small Crm

Name of the Vulnerable Software and Affected Versions: PHPGurukul Small CRM version 1.0 Description: A critical issue has been found in the unknown code of the file /admin/edit-user.php. The manipulation of the id argument leads to SQL injection. The attack can be initiated remotely. The exploit...

9.8CVSS7.3AI score0.00479EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/12/29 12:0 a.m.2 views

PHPGurukul Small CRM 注入漏洞

Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability, which originates from an SQL injection vulnerability in the id parameter of the /admin/edit-user.php file. An attacker can exploit this vulnerability to obtain sensitive information or...

9.8CVSS7.6AI score0.00479EPSS
Exploits1References4
OSV
OSV
added 2024/12/09 7:15 p.m.2 views

CVE-2024-54924

A SQL Injection was found in /admin/editcontent.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the title and content parameters...

9.8CVSS6.1AI score0.00583EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 7:15 p.m.4 views

CVE-2024-54923

A SQL Injection vulnerability was found in /admin/editteacher.php in kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the department parameter...

9.8CVSS6.1AI score0.00583EPSS
Exploits1References1
OSV
OSV
added 2024/12/09 6:15 p.m.4 views

CVE-2024-54922

A SQL Injection was found in /admin/edituser.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the firstname, lastname, and username parameters...

7.2CVSS6.1AI score0.00562EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36440 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /admin/edit user.php file, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database via the...

9.8CVSS8.6AI score0.00562EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36442 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL injection issue was found in the /admin/edit content.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database...

9.8CVSS8.6AI score0.00583EPSS
Exploits1References5
Rows per page
Query Builder