Lucene search
K

8 matches found

NVD
NVD
added 2025/12/17 10:16 p.m.7 views

CVE-2025-67875

ChurchCRM is an open-source church management system. A privilege escalation vulnerability exists in ChurchCRM prior to version 6.5.3. An authenticated user with specific mid-level permissions "Edit Records" and "Manage Properties and Classifications" can inject a persistent Cross-Site Scripting...

8.5CVSS0.00164EPSS
Exploits3References1
NVD
NVD
added 2025/11/14 4:15 p.m.3 views

CVE-2024-44635

PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...

6.1CVSS0.00196EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/07/04 10:5 a.m.15 views

CVE-2025-27024

Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...

6.5CVSS6.2AI score0.00318EPSS
Exploits0References1
NVD
NVD
added 2025/07/02 10:15 a.m.9 views

CVE-2025-27024

Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...

6.5CVSS0.00318EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.6 views

CVE-2024-22724

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...

6.6CVSS7.7AI score0.00309EPSS
Exploits1References1
CNVD
CNVD
added 2025/03/12 12:0 a.m.2 views

Emergency Ambulance Hiring Portal contactnumber Parameter SQL Injection Vulnerability

Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the contactnumber parameter of the /admin/admin-profile.php file. An...

9.8CVSS8.3AI score0.00481EPSS
Exploits1References1
NVD
NVD
added 2024/03/21 4:15 a.m.8 views

CVE-2024-22724

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...

6.6CVSS7.4AI score0.00309EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/21 12:0 a.m.12 views

CVE-2024-22724

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...

7.9AI score0.00309EPSS
Exploits1References2
Rows per page
Query Builder