Lucene search
K

87131 matches found

Cvelist
Cvelist
added 2026/04/05 8:58 p.m.19 views

CVE-2019-25675 eDirectory All Versions SQL Injection Authentication Bypass

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection t...

8.8CVSS0.00529EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/05 8:58 p.m.2 views

CVE-2019-25675 eDirectory All Versions SQL Injection Authentication Bypass

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection t...

8.8CVSS6AI score0.00529EPSS
Exploits1References3
CVE
CVE
added 2026/04/05 8:58 p.m.8 views

CVE-2019-25675

CVE-2019-25675 concerns the eDirectory product, affecting all versions per title, with multiple SQL injection vulnerabilities. The root cause is unparameterized SQL in the login flow, allowing unauthenticated attackers to bypass administrator authentication by injecting SQL into the key parameter...

8.8CVSS6AI score0.00529EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.2 views

CVE-2019-25682

CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting crafted pages that submit POST requests to the users.php endpoint...

5.3CVSS5.9AI score0.00132EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.2 views

CVE-2019-25682 CMSsite 1.0 Cross-Site Request Forgery via users.php

CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting crafted pages that submit POST requests to the users.php endpoint...

5.3CVSS5.9AI score0.00132EPSS
Exploits1References3
CVE
CVE
added 2026/04/05 8:45 p.m.8 views

CVE-2019-25682

CMSsite 1.0 contains a cross-site request forgery (CSRF) vulnerability in users.php that allows authenticated administrators to be tricked into submitting POST requests (e.g., source=add_user, source=edit_user, or del=1) to create, modify, or delete admin accounts. The attack is network-based wit...

5.3CVSS5.9AI score0.00132EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/05 8:45 p.m.18 views

CVE-2019-25682 CMSsite 1.0 Cross-Site Request Forgery via users.php

CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting crafted pages that submit POST requests to the users.php endpoint...

5.3CVSS0.00132EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/04/05 5:35 p.m.109 views

Exploit for CVE-2025-1738

CVE-2025-1738 - Trivision Camera NC227WF PoC...

7.1CVSS5.9AI score0.00287EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/04/05 4:58 p.m.6 views

CVE-2026-2936

The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pagetitle' parameter in all versions up to, and including, 8.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

7.2CVSS6.1AI score0.00257EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/05 8:1 a.m.8 views

OpenPrinting CUPS: Local print admin token disclosure using temporary printers

...

7.8CVSS6AI score0.00289EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/04/05 7:33 a.m.48 views

Emlog-v2.6.9-Vulnerability-Report

Emlog-v2.6.9-Vulnerability-Report CVE ID: REQUESTED D...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30490

CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting crafted pages that submit POST requests to the users.php endpoint...

5.3CVSS5.9AI score0.00132EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

itsourcecode Free Hotel Reservation System SQL注入漏洞

itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the email parameter in the file /hotel/admin/login.php, which may lead...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30507

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection t...

8.8CVSS6AI score0.00529EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/04 9:30 p.m.6 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the admin/usermanipulate and admin/settings/generall endpoints. An attacker can perform unauthorized administrative actions by tricking an authenticated administrator into submitting crafted...

7.4CVSS5.7AI score0.00106EPSS
Exploits1References3
OSV
OSV
added 2026/04/04 9:30 p.m.4 views

GHSA-3QCM-PJ6Q-W4C5 Nodcms contains a cross-site request forgery vulnerability

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...

5.3CVSS5.7AI score0.00106EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/04 9:30 p.m.5 views

EUVD-2016-10873

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...

5.3CVSS5.9AI score0.00106EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/04 9:30 p.m.8 views

Nodcms contains a cross-site request forgery vulnerability

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...

5.3CVSS5.7AI score0.00106EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2026/04/04 8:16 p.m.6 views

CVE-2016-20054

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...

5.3CVSS0.00106EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/04 7:59 p.m.2 views

CVE-2016-20054 Nodcms Cross Site Request Forgery via admin endpoints

Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...

5.3CVSS5.9AI score0.00106EPSS
Exploits1References1
Rows per page
Query Builder