Lucene search
+L

52 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:22 a.m.8 views

CVE-2024-10840

A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akunedit.php of the component Backend. The manipulation of the argument kode leads to cross site scripting. It is possible to launch the attack remotely. The...

5.1CVSS4.9AI score0.00354EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/10 4:29 a.m.26 views

CVE-2025-3389

A vulnerability, which was classified as problematic, has been found in hailey888 oasystem up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to...

6.1CVSS6.3AI score0.00277EPSS
Exploits1References1
OSV
OSV
added 2025/04/08 2:15 a.m.5 views

CVE-2025-3392

A vulnerability was found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site...

6.1CVSS3.6AI score0.00277EPSS
Exploits1References3
NVD
NVD
added 2025/04/08 2:15 a.m.10 views

CVE-2025-3392

A vulnerability was found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of the argument MailNumberId leads to cross site...

6.1CVSS0.00277EPSS
Exploits1References3
OSV
OSV
added 2025/04/08 12:15 a.m.5 views

CVE-2025-3389

A vulnerability, which was classified as problematic, has been found in hailey888 oasystem up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to...

6.1CVSS3.9AI score0.00277EPSS
Exploits1References3
OSV
OSV
added 2025/04/08 12:15 a.m.5 views

CVE-2025-3390

A vulnerability, which was classified as problematic, was found in hailey888 oasystem up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to...

6.1CVSS3.9AI score0.00277EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.6 views

PT-2025-15308 · Unknown · Hailey888 Oa System

Name of the Vulnerable Software and Affected Versions: hailey888 oa system versions up to 2025.01.01 Description: A problem has been found in the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument me...

6.1CVSS3.4AI score0.00277EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/03/26 6:36 a.m.5 views

CVE-2025-2686

A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. Affected by this vulnerability is the function doFilter of the file /admin/ of the component Backend. The manipulation of the argument Request lea...

6.9CVSS7.3AI score0.00438EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:16 a.m.14 views

CVE-2025-0484

A vulnerability was found in Fanli2012 native-php-cms 1.0 and classified as critical. This issue affects some unknown processing of the file /fladmin/sysconfigdoedit.php of the component Backend. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit h...

7.5CVSS6.9AI score0.00536EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.6 views

PT-2025-3914 · Fanli2012 · Native-Php-Cms

Name of the Vulnerable Software and Affected Versions: Fanli2012 native-php-cms version 1.0 Description: A critical issue affects the processing of the file /fladmin/sysconfig doedit.php in the Backend component, leading to improper authorization. The attack can be initiated remotely...

7.5CVSS7.4AI score0.00536EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/01/12 2:0 p.m.29 views

CVE-2025-0398 longpi1 warehouse Backend updateInport cross site scripting

A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The...

5.1CVSS0.00313EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.6 views

PT-2024-17145 · E Lins · E-Lins H720 +6

Name of the Vulnerable Software and Affected Versions: E-Lins H685 versions up to 3.2 E-Lins H685f versions up to 3.2 E-Lins H700 versions up to 3.2 E-Lins H720 versions up to 3.2 E-Lins H750 versions up to 3.2 E-Lins H820 versions up to 3.2 E-Lins H820Q versions up to 3.2 E-Lins H820Q0 versions ...

7.5CVSS7.2AI score0.00613EPSS
Exploits0References7
OSV
OSV
added 2024/11/05 2:15 p.m.3 views

CVE-2024-10842

A vulnerability, which was classified as problematic, has been found in romadebrian WEB-Sekolah 1.0. Affected by this issue is some unknown functionality of the file /Admin/ProsesEditAkun.php of the component Backend. The manipulation of the argument UsernameBaru/Password leads to cross site...

4.8CVSS3.9AI score0.00402EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/11/05 1:0 p.m.12 views

CVE-2024-10840 romadebrian WEB-Sekolah Backend akun_edit.php cross site scripting

A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akunedit.php of the component Backend. The manipulation of the argument kode leads to cross site scripting. It is possible to launch the attack remotely. The...

5.1CVSS3.5AI score0.00354EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/09/27 12:0 a.m.7 views

PT-2024-39548 · Unknown · Skyselang Yyladmin

Name of the Vulnerable Software and Affected Versions: skyselang yylAdmin versions up to 3.0 Description: A critical issue was found in the Backend component, specifically in the function list of the file /app/admin/controller/file/File.php. The manipulation of the is disable argument leads to SQ...

8.8CVSS7.2AI score0.00545EPSS
Exploits1References7
OSV
OSV
added 2024/08/17 6:15 p.m.2 views

CVE-2024-7898

A vulnerability classified as critical was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This vulnerability affects unknown code of the component Backend. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been...

9.8CVSS5.3AI score0.00553EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/05/30 3:33 p.m.14 views

TYPO3 Denial of Service in Online Media Asset Handling

Online Media Asset Handling .youtube and .vimeo files in the TYPO3 backend is vulnerable to denial of service. Putting large files with according file extensions results in high consumption of system resources. This can lead to exceeding limits of the current PHP process which results in a...

7AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/04/03 3:15 a.m.6 views

CVE-2024-3227

A vulnerability was found in Panwei eoffice OA up to 9.5. It has been declared as critical. This vulnerability affects unknown code of the file /general/system/interface/themeset/saveimage.php of the component Backend. The manipulation of the argument imagetype leads to path traversal:...

7.2CVSS5.4AI score0.00955EPSS
Exploits1References4
Prion
Prion
added 2024/01/10 1:15 a.m.18 views

Improper access control

A vulnerability has been found in Mandelo ssmshiroblog 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file updateRoles of the component Backend. The manipulation leads to improper access controls. The exploit has been disclosed to the public a...

3.3CVSS7.2AI score0.00647EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/01/10 12:0 a.m.5 views

Mandelo ssm_shiro_blog Access Control Error Vulnerability

ssmshiroblog is a blogging system for mandelo individual developers. An access control error vulnerability exists in Mandelo ssmshiroblog version 1.0, which stems from the presence of an unknown function in updateRoles in the component Backend, leading to incorrect access control...

7.5CVSS6.8AI score0.00647EPSS
Exploits1References4
Rows per page
Query Builder