Lucene search
K

252 matches found

CNNVD
CNNVD
added 2025/05/31 12:0 a.m.6 views

SourceCodester Health Center Patient Record Management System 安全漏洞

SourceCodester Health Center Patient Record Management System is a SourceCodester open source health center patient record management system. A security vulnerability exists in SourceCodester Health Center Patient Record Management System version 1.0, which is caused by a SQL injection due to an...

9.8CVSS7.7AI score0.00422EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.23 views

CVE-2023-34666

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

6.1CVSS5.9AI score0.00673EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.7 views

CVE-2020-11624

An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but...

9.8CVSS9.2AI score0.01197EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.8 views

CVE-2018-10570

Frog CMS 0.9.5 has XSS in /install/index.php via the 'config''adminusername' field...

4.8CVSS6.1AI score0.00534EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:45 a.m.9 views

CVE-2018-16604

An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by double quotes e.g., "$phpinfo"...

7.2CVSS7.8AI score0.01531EPSS
Exploits1References1
OSV
OSV
added 2024/09/04 7:15 a.m.4 views

CVE-2024-8121

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpextchangeadminname function in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers, wi...

4.3CVSS5.8AI score0.00323EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/09/04 3:20 a.m.6 views

WordPress The Ultimate WordPress Toolkit – WP Extended plugin <= 3.0.8 - Missing Authorization to Admin Username Change vulnerability

Missing Authorization to Admin Username Change vulnerability discovered by Marco Wotschka in WordPress Plugin The Ultimate WordPress Toolkit – WP Extended versions = 3.0.8...

5.4CVSS7AI score0.00323EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.3 views

Campcodes Complete Online Beauty Parlor Management System SQL注入漏洞

Campcodes Complete Online Beauty Parlor Management System is an online beauty parlor management system from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Complete Online Beauty Parlor Management System version 1.0, which originates from an SQL injection vulnerability in the...

6.5CVSS7AI score0.00496EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2024/02/05 9:44 a.m.397 views

Exploit for Missing Authorization in Wpexperts Post_Smtp

What the exploit does - Places a token that allows you to vie...

9.8CVSS9.5AI score0.90339EPSS
Exploits6
OSV
OSV
added 2023/12/01 3:15 a.m.7 views

CVE-2023-48016

Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter...

7.5CVSS5.8AI score0.00664EPSS
Exploits1References1
Prion
Prion
added 2023/11/24 5:15 p.m.18 views

Privilege escalation

Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux. In affected versions there is a privilege escalation vulnerability through a non-admin user's account. Limited users can impersonate another user's account if only single-factor authentication is configured. If a user knows a...

6.5CVSS7.7AI score0.00676EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/19 12:0 a.m.11 views

CVE-2023-43875

Multiple Cross-Site Scripting XSS vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail...

6.1AI score0.00764EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/19 12:0 a.m.36 views

CVE-2023-43875

Multiple Cross-Site Scripting XSS vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail...

6.2AI score0.00764EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/10/16 9:15 p.m.11 views

CVE-2023-40852

SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to obtain sensitive information via crafted string in the admin user name field on the admin log in page...

9.8CVSS5.9AI score0.00822EPSS
Exploits1References2
OSV
OSV
added 2023/10/16 9:15 p.m.3 views

CVE-2023-40852

SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to obtain sensitive information via crafted string in the admin user name field on the admin log in page...

9.8CVSS5.9AI score0.00822EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/06/15 5:15 p.m.6 views

CVE-2023-34666

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

6.1CVSS6.5AI score0.00673EPSS
Exploits1References2
NVD
NVD
added 2023/06/15 5:15 p.m.20 views

CVE-2023-34666

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

6.1CVSS6.1AI score0.00673EPSS
Exploits1References1
OSV
OSV
added 2023/06/15 5:15 p.m.3 views

CVE-2023-34666

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

6.1CVSS5.9AI score0.00673EPSS
Exploits1References1
Prion
Prion
added 2023/06/15 5:15 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

5.8CVSS6AI score0.00673EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.28 views

CVE-2023-34666

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

6.2AI score0.00673EPSS
Exploits1References1
Rows per page
Query Builder