Lucene search
+L

10 matches found

redhatcve
redhatcve
added 2026/03/26 3:18 p.m.7 views

CVE-2026-3956

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS5.6AI score0.00202EPSS
Exploits0References1
euvd
euvd
added 2026/03/11 9:31 p.m.5 views

EUVD-2026-11404

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References6
nvd
nvd
added 2026/03/11 9:16 p.m.5 views

CVE-2026-3956

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS0.00202EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/03/11 8:32 p.m.4 views

CVE-2026-3956

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5
cve
cve
added 2026/03/11 8:32 p.m.11 views

CVE-2026-3956

The CVE CVE-2026-3956 affects xierongwkhd weimai-wetapp, specifically the Admin_AdminUserController.getAdmins function. The root cause is a manipulation of the argument keyword that enables SQL injection, with remote exploitation possible. Public exploitation is indicated. No version details or p...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References5
cvelist
cvelist
added 2026/03/11 8:32 p.m.33 views

CVE-2026-3956 xierongwkhd weimai-wetapp Admin_AdminUserController.java getAdmins sql injection

A vulnerability was detected in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This affects the function getAdmins of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/admin/AdminAdminUserController.java. Performing a manipulation of the argument keywor...

5.8CVSS0.00202EPSS
Exploits0References5
cvelist
cvelist
added 2025/09/27 8:32 p.m.13 views

CVE-2025-11078 itsourcecode Open Source Job Portal controller.php unrestricted upload

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible to be carried out...

6.5CVSS0.00302EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/01/09 12:0 a.m.7 views

bookstore 代码注入漏洞

bookstore is an e-commerce bookstore system by donglight individual developer. A code injection vulnerability exists in bookstore version 1.0.0, which originates from the updateUser function in the file src/main/Java/org/zdd/bookstore/web/controller/admin/AdminUserControlle.java, which can lead t...

5.4CVSS4.7AI score0.004EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/01/09 12:0 a.m.8 views

PT-2025-2055 · Unknown · Donglight Bookstore电商书城系统说明

Name of the Vulnerable Software and Affected Versions: donglight bookstore电商书城系统说明 version 1.0.0 Description: A vulnerability was found in the updateUser function of the file src/main/Java/org/zdd/bookstore/web/controller/admin/AdminUserControlle.java. The manipulation leads to cross site...

5.3CVSS4.1AI score0.004EPSS
Exploits1References10
cnnvd
cnnvd
added 2023/03/22 12:0 a.m.5 views

SourceCodester E-Commerce System 跨站脚本漏洞

Moosikay E-Commerce System is an e-commerce system by the individual developer Arvin Arandilla. A cross-site scripting vulnerability exists in SourceCodester E-Commerce System version 1.0, which stems from a problem with the file admin/user/controller.php?action=edit, where manipulation of the...

5.4CVSS4.1AI score0.00491EPSS
Exploits1References3
Rows per page
Query Builder