Lucene search
K

44 matches found

Vulnrichment
Vulnrichment
added 2026/06/02 8:30 p.m.9 views

CVE-2026-10624 SourceCodester Human Resource Management Employee View detailview.php resource injection

A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifier...

5.3CVSS5.3AI score0.00242EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/26 5:57 a.m.13 views

EUVD-2026-31795

Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...

4.6CVSS5.8AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 5:57 a.m.19 views

CVE-2026-3314

Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...

4.6CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2026/05/23 7:16 p.m.14 views

CVE-2018-25348

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS0.00358EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/23 6:30 p.m.7 views

CVE-2018-25348

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS5.9AI score0.00358EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/23 6:30 p.m.13 views

CVE-2018-25348

CVE-2018-25348 concerns the Joomla! extension Ek Rishta 2.10 , where an SQL injection vulnerability exists in the user_detail view through the cid parameter. Unauthenticated attackers can manipulate database queries by supplying malicious cid values, enabling extraction of sensitive information. ...

8.8CVSS5.9AI score0.00358EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/23 6:30 p.m.10 views

EUVD-2018-21870

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS5.9AI score0.00358EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/02 5:29 a.m.24 views

EUVD-2026-26744

The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping of Calculation Product field product names when rendered inside Repeater fields. The validat...

7.2CVSS6AI score0.00232EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/05 9:30 p.m.5 views

EUVD-2019-20064

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

7.1CVSS6AI score0.00342EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/05 8:45 p.m.3 views

CVE-2019-25664 SuiteCRM 7.10.7 SQL Injection via record Parameter

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

7.1CVSS6AI score0.00342EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/05 8:45 p.m.22 views

CVE-2019-25664 SuiteCRM 7.10.7 SQL Injection via record Parameter

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

7.1CVSS0.00342EPSS
Exploits1References4
OSV
OSV
added 2026/03/03 2:44 p.m.1 views

OPENSUSE-SU-2026:20318-1 Security update for gitea-tea

This update for gitea-tea fixes the following issues: Changes in gitea-tea: - update to 0.12.0: New Features - Add tea actions commands for managing workflow runs and workflows in 880, 796 - Add tea api subcommand for arbitrary API calls not covered by existing commands in 879 - Add repository...

5.3CVSS7.5AI score0.00502EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-24354

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00601EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-32492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript...

7.1CVSS5.9AI score0.00532EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:19 a.m.8 views

CVE-2024-32492

An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript...

7.1CVSS6.9AI score0.00532EPSS
Exploits0References1
NVD
NVD
added 2024/04/29 5:15 p.m.14 views

CVE-2024-32492

An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript...

7.1CVSS6.6AI score0.00532EPSS
Exploits0References2
OSV
OSV
added 2024/04/29 5:15 p.m.11 views

CVE-2024-32492

An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript...

7.1CVSS6.8AI score0.00532EPSS
Exploits0References2
OSV
OSV
added 2024/04/29 5:15 p.m.1 views

UBUNTU-CVE-2024-32492

An issue was discovered in Znuny 7.0.1 through 7.0.16 where the ticket detail view in the customer front allows the execution of external JavaScript...

7.1CVSS5.9AI score0.00532EPSS
Exploits0References3
CVE
CVE
added 2024/04/29 12:0 a.m.92 views

CVE-2024-32492

Znuny 7.0.1–7.0.16 contains a vulnerability in the ticket detail view for the customer front that allows execution of external JavaScript. The issue is supported by multiple sources (NVD/NASL entries and Red Hat/Ubuntu Debian advisories) without a documented vendor patch in the provided materials...

7.1CVSS6.8AI score0.00532EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.9 views

PT-2024-24614 · Znuny · Znuny

Name of the Vulnerable Software and Affected Versions: Znuny versions 7.0.1 through 7.0.16 Description: An issue was discovered where the ticket detail view in the customer front allows the execution of external JavaScript. Recommendations: For versions 7.0.1 through 7.0.16, consider disabling th...

7.1CVSS7AI score0.00532EPSS
Exploits0References8
Rows per page
Query Builder