Lucene search
K

94 matches found

CNNVD
CNNVD
added 2025/05/15 12:0 a.m.6 views

itsourcecode Placement Management System 注入漏洞

itsourcecode Placement Management System is an open source placement management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Placement Management System, which originates from a SQL injection due to incorrect manipulation of the parameter delete in th...

9.8CVSS7.7AI score0.00421EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/04/07 12:0 a.m.5 views

Code-Projects Online Restaurant Management System 注入漏洞

Code-Projects Online Restaurant Management System is a Code-Projects open source online restaurant management system. Code-Projects Online Restaurant Management System version 1.0 suffers from an injection vulnerability that stems from improper handling of the parameter del in the /admin/combo.ph...

9.8CVSS7.9AI score0.00478EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.5 views

CodeAstro Complaint Management System 安全漏洞

CodeAstro Complaint Management System is a complaint management system from CodeAstro. A security vulnerability exists in CodeAstro Complaint Management System v1.0, which stems from an IDOR vulnerability that can be exploited to execute arbitrary code and obtain sensitive information by modifyin...

8.8CVSS7.3AI score0.00684EPSS
Exploits1References1
OSV
OSV
added 2024/12/17 6:15 p.m.9 views

CVE-2024-55496

A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project 1.0. This issue affects some unknown functionality of addcompany.php. Actions on the delete parameter result in SQL injection...

9.1CVSS5.8AI score0.00579EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.10 views

PT-2024-36530 · Unknown · 1000Projects Bookstore Management System Php Mysql Project

Name of the Vulnerable Software and Affected Versions: 1000projects Bookstore Management System PHP MySQL Project version 1.0 Description: A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project. This issue affects some unknown functionality of the "add...

9.1CVSS7.7AI score0.00579EPSS
Exploits1References8
Snyk
Snyk
added 2024/10/05 1:41 a.m.3 views

Cross-Site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-Site Request Forgery CSRF via the delete parameter, due to insufficient verification of the origin of HTTP requests. Remediation Upgrade mediawiki/cargo to version 3.7 or higher. References - Gerrit Mediawiki - Wikimedia Phabricat...

8.8CVSS7AI score0.00264EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/05 12:0 a.m.4 views

PT-2024-28332 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the component /admin/vpsApiData deal.php. The mudi parameter is involved, specifically when set to del. This allows for unauthorized actions to be...

5.4CVSS7AI score0.00185EPSS
Exploits1References7
OSV
OSV
added 2024/05/15 3:15 p.m.3 views

CVE-2024-34955

Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter...

9.8CVSS5.8AI score0.00601EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/15 2:13 p.m.20 views

CVE-2024-34955

Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter...

8.1AI score0.00601EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.2 views

Budget Management security breach

SourceCodester Budget Management System is an application from SourceCodester, Inc. It provides a function to calculate exact expenses through a web application. A security vulnerability exists in Budget Management version 1.0 that stems from the vulnerability to SQL injection attacks via the...

9.8CVSS7.9AI score0.00601EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.6 views

PT-2024-26270 · Unknown · Code-Projects Budget Management

Name of the Vulnerable Software and Affected Versions: Code-projects Budget Management version 1.0 Description: The issue is related to SQL Injection, which occurs via the delete parameter. This allows for potential manipulation of database queries. Recommendations: For Code-projects Budget...

9.8CVSS7.8AI score0.00601EPSS
Exploits1References3
CNVD
CNVD
added 2024/04/17 12:0 a.m.4 views

Student Record System manage-courses.php File SQL Injection Vulnerability

Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the del parameter of the file /manage-courses.php?del=1. An attacker can exploit this vulnerability t...

9.8CVSS8.2AI score0.00844EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.4 views

PT-2024-20578 · Unknown · Surya2Developer Hostel Management System

Name of the Vulnerable Software and Affected Versions: Surya2Developer Hostel Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/manage-students.php. The manipulation of the del argument leads to improper access...

6.5CVSS6.8AI score0.00953EPSS
Exploits1References6
OSV
OSV
added 2024/02/14 3:15 p.m.2 views

CVE-2024-25212

Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /delete.php...

7.2CVSS5.8AI score0.00716EPSS
Exploits1References1
OSV
OSV
added 2024/02/06 4:15 p.m.4 views

CVE-2024-1251

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /general/email/outbox/delete.php. The manipulation of the argument DELETESTR leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS6.1AI score0.00617EPSS
Exploits1References3
OSV
OSV
added 2024/01/26 10:15 a.m.2 views

CVE-2024-23870

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stockissuancelist.php, in the delete parameter. Exploitation of this vulnerability...

6.1CVSS5.8AI score0.00437EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.5 views

PT-2024-20139 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A Cross-Site Scripting XSS issue has been reported due to insufficient encoding of user-controlled inputs. This issue can be exploited via the "/cupseasylive/stockissuancelist.php" API...

8.2CVSS6.2AI score0.00437EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/26 12:0 a.m.6 views

Cups Easy 跨站脚本漏洞

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the delete parameter on the /cupseasylive/stockissuancelist.php page. An attacker could...

8.2CVSS6.9AI score0.00437EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/28 12:0 a.m.4 views

Task Reminder System SQL Injection Vulnerability

Task Reminder System is a Task Reminder System by Carlo Montero Personal Developer. A SQL injection vulnerability exists in Task Reminder System version 1.0, which stems from the parameter id of the file classes/Users.php?f=delete that can lead to SQL injection...

9.8CVSS7.9AI score0.00418EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/26 12:0 a.m.6 views

TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. A security vulnerability exists in TONGDA Office Anywhere version 11.10, which originates from a SQL injection vulnerability in the parameter deleteSTR in the file setprint/delete.php...

9.8CVSS7.9AI score0.00723EPSS
Exploits1References4
Rows per page
Query Builder