8 matches found
CVE-2025-67875
ChurchCRM is an open-source church management system. A privilege escalation vulnerability exists in ChurchCRM prior to version 6.5.3. An authenticated user with specific mid-level permissions "Edit Records" and "Manage Properties and Classifications" can inject a persistent Cross-Site Scripting...
CVE-2024-44635
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting XSS via adminname and aemailid parameters in /admin-profile.php...
CVE-2025-27024
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...
CVE-2025-27024
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...
CVE-2024-22724
An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...
Emergency Ambulance Hiring Portal contactnumber Parameter SQL Injection Vulnerability
Emergency Ambulance Hiring Portal is an emergency ambulance hiring portal. Emergency Ambulance Hiring Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the contactnumber parameter of the /admin/admin-profile.php file. An...
CVE-2024-22724
An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...
CVE-2024-22724
An issue was discovered in osCommerce v4, allows local attackers to bypass file upload restrictions and execute arbitrary code via administrator profile photo upload feature...