1433 matches found

CNNVD
added 2025/03/06 12:0 a.m. · 1 views

E-Commerce-Website-Using-PHP Code Issue Vulnerability

E-Commerce-Website-Using-PHP is a free and open source full-featured e-commerce website project. A code issue vulnerability exists in E-Commerce-Website-Using-PHP version 1.0, in which manipulation of the parameter name can lead to unlimited uploads...

9.8 CVSS · 6.5 AI score · 0.00091 EPSS
Exploits: 1 · References: 5

CNNVD
added 2025/03/05 12:0 a.m. · 1 views

Keysight Ixia Vision Code Issue Vulnerability

Keysight Ixia Vision is a family of network packet agents from Keysight, Inc. A code issue vulnerability exists in Keysight Ixia Vision Product Family version 6.3.1, which stems from an XML external entity injection that could lead to arbitrary file downloads...

6.9 CVSS · 7.3 AI score · 0.0013 EPSS
Exploits: 0 · References: 5

Positive Technologies
added 2025/03/05 12:0 a.m. · 2 views

PT-2025-9721 · Unknown · Projectworlds Online Hotel Booking

Name of the Vulnerable Software and Affected Versions: projectworlds Online Hotel Booking version 1.0
Description: A critical issue has been found in the code of the /reservation.php file. The manipulation of the checkin argument leads to SQL injection. The attack can be initiated remotely. The...

9.8 CVSS · 7.5 AI score · 0.00046 EPSS
Exploits: 1 · References: 11

CVE
added 2025/03/04 10:0 p.m. · 52 views

CVE-2025-1957

The CVE-2025-1957 entry concerns code-projects Blood Bank System 1.0. Affected component: unknown code in /BBfile/Blood/o+.php, where manipulation of the Bloodname parameter enables cross-site scripting. Impact is described as low to moderate depending on data, with remote initiation and user int...

5.1 CVSS · 6.6 AI score · 0.0022 EPSS
Exploits: 1 · References: 5 · Affected Software: 1

Cvelist
added 2025/03/04 1:31 p.m. · 16 views

CVE-2025-27425 QR code user confirmation bypass with invalid protocol

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...

0.00308 EPSS
Exploits: 0 · References: 2

CVE
added 2025/03/04 1:31 p.m. · 63 views

CVE-2025-27425

Firefox for iOS before version 136 is vulnerable to QR-code URL handling where scanning text in a QR code could open the URL without a user confirmation alert. This affects Firefox for iOS builds prior to 136; Mozilla MFSA2025-13 indicates related URL-spoofing/redirect concerns. Remediation: upda...

4.3 CVSS · 5.8 AI score · 0.00308 EPSS
Exploits: 0 · References: 2 · Affected Software: 1

Debian CVE
added 2025/03/04 1:31 p.m. · 10 views

CVE-2025-27425

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...

4.3 CVSS · 4.9 AI score · 0.00308 EPSS
Exploits: 0

CVE
added 2025/02/26 2:11 a.m. · 172 views

CVE-2022-49371

CVE-2022-49371: In the Linux kernel, driver core: fix deadlock in __device_attach. The deadlock occurs when async_probe is scheduled while holding device_lock(dev); async_helper may also acquire dev, causing A-A deadlock. The fix moves async_schedule_dev outside the device_lock path, leveraging t...

5.5 CVSS · 5.6 AI score · 0.00046 EPSS
Exploits: 0 · References: 6 · Affected Software: 1

CNNVD
added 2025/02/26 12:0 a.m. · 1 views

SMA Solar Sunny Portal Code Issue Vulnerability

SMA Solar Sunny Portal is a photovoltaic data monitoring platform from SMA Solar, Germany. It is used to monitor PV system operation in real time and to obtain performance data. A code issue vulnerability exists in versions prior to SMA Solar Sunny Portal 19.02.2024, which stems from...

6.5 CVSS · 6.8 AI score · 0.00477 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/02/24 12:0 a.m. · 1 views

IBM i Code Issue Vulnerability

IBM i is a suite of operating systems from International Business Machines (IBM) that runs on IBM Power Systems and IBM PureSystems. A code issue vulnerability exists in IBM i versions 7.2, 7.3, 7.4, and 7.5 that stems from a non-conforming library call that could cause user-controlled code to run wi...

8.5 CVSS · 6.7 AI score · 0.00054 EPSS
Exploits: 0 · References: 2

CVE
added 2025/02/23 7:0 a.m. · 66 views

CVE-2025-1577

CVE-2025-1577 affects Code-Projects Blood Bank System 1.0. The vulnerability is a cross-site scripting (XSS) in the unknown functionality handled by /prostatus.php, triggered by manipulating the message parameter. This may be exploitable remotely. Public exploitation details are provided across m...

5.4 CVSS · 3.8 AI score · 0.00125 EPSS
Exploits: 1 · References: 5 · Affected Software: 1

CNNVD
added 2025/02/21 12:0 a.m. · 1 views

Education and Training System Code Issue Vulnerability

Education and Training System is an education and training system by the individual developer hzmanyun. A code issue exists in Education and Training System version 3.1.1, which stems from a lack of restrictions in the upload process, resulting in arbitrary file uploads...

7.5 CVSS · 7.7 AI score · 0.0004 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/02/18 12:0 a.m. · 3 views

Rufus Code Issue Vulnerability

Rufus is a reliable USB formatting tool from Pete Batard, an individual developer. A code issue vulnerability exists in Rufus version 4.6.2208 and prior versions that stems from not properly validating the DLL load path. An attacker can exploit the vulnerability to execute malicious code...

6.8 CVSS · 7 AI score · 0.00086 EPSS
Exploits: 0 · References: 3

RedhatCVE
added 2025/02/13 7:11 p.m. · 9 views

CVE-2025-24039

Visual Studio Code Elevation of Privilege Vulnerability...

7.3 CVSS · 7 AI score · 0.0017 EPSS
Exploits: 0 · References: 3

CNNVD
added 2025/02/13 12:0 a.m. · 2 views

WordPress plugin Puzzles Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...

9.8 CVSS · 8.3 AI score · 0.00803 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/02/11 12:0 a.m. · 2 views

SourceCodester Food Menu Manager Code Issue Vulnerability

SourceCodester Food Menu Manager is a Sourcecodester open source food menu manager. A code issue vulnerability exists in SourceCodester Food Menu Manager version 1.0, which stems from...

8.8 CVSS · 6.7 AI score · 0.00198 EPSS
Exploits: 1 · References: 5

RedhatCVE
added 2025/02/05 9:58 p.m. · 5 views

CVE-2022-24056

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8 CVSS · 6.8 AI score · 0.01043 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 4:56 p.m. · 4 views

CVE-2019-17202

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

8.2 CVSS · 7 AI score · 0.00116 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/04 10:41 p.m. · 4 views

CVE-2024-8300

Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric ICONICS Suite Version 10.97.2, 10.97.2 CFR1, 10.97...

7 CVSS · 8.7 AI score · 0.00041 EPSS
Exploits: 0 · References: 1

Cvelist
added 2025/02/04 9:27 p.m. · 9 views

CVE-2024-8125 A remote code vulnerability has been discovered in OpenText™ Content Management.

Improper Validation of Specified Type of Input vulnerability in OpenText™ Content Management Extended ECM allows Parameter Injection. A bad actor with the required OpenText Content Management privileges (not root) could expose the vulnerability to carry out a remote code execution attack on the...

5.4 CVSS · 0.00365 EPSS
Exploits: 0 · References: 1