Lucene search
+L

742 matches found

NVD
NVD
added 2025/06/16 9:15 a.m.11 views

CVE-2025-40728

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customersupport/manageuser.php endpoint...

8.8CVSS0.00429EPSS
Exploits0References1
CVE
CVE
added 2025/06/10 10:3 a.m.48 views

CVE-2025-40655

CVE-2025-40655 describes a SQL injection in DM Corporative CMS exploitable through the name parameter of /antcatalogue.asp, enabling an attacker to retrieve, create, update, and delete data in the back-end database. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD/CNNVD...

9.8CVSS8.1AI score0.00312EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/09 6:9 p.m.8 views

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

7.5CVSS7.1AI score0.00378EPSS
Exploits2References1
OSV
OSV
added 2025/06/07 6:15 p.m.4 views

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

6.9CVSS5.6AI score0.00378EPSS
Exploits2References5
NVD
NVD
added 2025/06/07 6:15 p.m.15 views

CVE-2025-5840

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

7.5CVSS0.00378EPSS
Exploits2References5
Cvelist
Cvelist
added 2025/06/07 6:0 p.m.26 views

CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

7.5CVSS0.00378EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2025/06/07 6:0 p.m.8 views

CVE-2025-5840 SourceCodester Client Database Management System user_update_customer_order.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /userupdatecustomerorder.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to initiate the...

7.5CVSS7.2AI score0.00378EPSS
Exploits2References5
CVE
CVE
added 2025/06/07 6:0 p.m.72 views

CVE-2025-5840

SourceCodester Client Database Management System 1.0 contains a vulnerability in the file /user_update_customer_order.php where the uploaded_file parameter can be manipulated to achieve unrestricted file upload. This remote-access flaw could allow an attacker to upload arbitrary files, potentiall...

7.5CVSS7.2AI score0.00378EPSS
Exploits2References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/07 12:0 a.m.11 views

PT-2025-24347 · Unknown · Sourcecodester Client Database Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Client Database Management System. This issue affects an unknown part of the file /user update customer...

7.5CVSS7.1AI score0.00378EPSS
Exploits2References13
RedhatCVE
RedhatCVE
added 2025/05/30 12:49 p.m.15 views

CVE-2025-5299

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

7.5CVSS7.1AI score0.00513EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/28 10:47 p.m.21 views

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

9.8CVSS7.3AI score0.00356EPSS
Exploits1References1
NVD
NVD
added 2025/05/28 12:15 p.m.13 views

CVE-2025-5299

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

7.5CVSS0.00513EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/28 12:0 p.m.23 views

CVE-2025-5299 SourceCodester Client Database Management System user_order_customer_update.php unrestricted upload

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...

7.5CVSS0.00513EPSS
Exploits1References5
CVE
CVE
added 2025/05/28 12:0 p.m.56 views

CVE-2025-5299

CVE-2025-5299 affects SourceCodester Client Database Management System v1.0. The vulnerability is in the file /user_order_customer_update.php, where manipulating the argument uploaded_file_cancelled enables unrestricted file upload. Exploitation is possible remotely and exploits have been disclos...

7.5CVSS7.3AI score0.00513EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/05/26 10:15 p.m.14 views

CVE-2025-5207

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

9.8CVSS0.00356EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/05/26 10:0 p.m.8 views

CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

5.8CVSS7.3AI score0.00356EPSS
Exploits1References5
CVE
CVE
added 2025/05/26 10:0 p.m.63 views

CVE-2025-5207

CVE-2025-5207 affects SourceCodester Client Database Management System 1.0. The vulnerability is an SQL injection in the file /superadmin_update_profile.php triggered by manipulating the nickname/email parameters, potentially exploitable remotely. Multiple connected sources corroborate the issue’...

9.8CVSS5.2AI score0.00356EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/05/26 10:0 p.m.26 views

CVE-2025-5207 SourceCodester Client Database Management System superadmin_update_profile.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadminupdateprofile.php. The manipulation of the argument nickname/email leads to sql injection. The...

5.8CVSS0.00356EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.7 views

PT-2025-22937 · Unknown · Sourcecodester Client Database Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Client Database Management System. The issue affects an unknown functionality of the file /superadmin upda...

9.8CVSS5.4AI score0.00356EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/05/23 10:22 a.m.13 views

CVE-2024-7458

A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversa...

9.8CVSS6.9AI score0.00839EPSS
Exploits1References1
Rows per page
Query Builder