Lucene search
+L

162 matches found

Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.7 views

PT-2024-33659 · Unknown · Code-Projects Simple Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A critical vulnerability was found in the code-projects Simple Chat System. This issue affects the file /register.php and is related to SQL injection. The manipulation of the name,...

9.8CVSS7.1AI score0.00649EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.3 views

PT-2024-26292 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/infoType deal.php?mudi=add&nohrefStr=close". Recommendations: For idccms version 1.35, consider disabling access to the...

6.3CVSS7AI score0.00226EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.5 views

PT-2024-20985 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the sys file storage id parameter at the "/WorkPlan/WorkPlanAttachDownLoad.aspx" API endpoint...

9.4CVSS7.7AI score0.00618EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.6 views

PT-2024-25500 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component /admin/readDeal.php?mudi=updateWebCache. This issue allows for potential exploitation. Recommendations: For idccms version 1.35, consider...

5.4CVSS7.1AI score0.0021EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.5 views

PT-2024-25115 · Thinksaas · Thinksaas

Name of the Vulnerable Software and Affected Versions: ThinkSAAS version 3.7.0 Description: A stored cross-site scripting XSS vulnerability in the component /pubs/counter.php allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the code parameter. This...

5.4CVSS5AI score0.00394EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.9 views

PT-2024-25263 · Onethink · Onethink

Name of the Vulnerable Software and Affected Versions: onethink version 1.1 Description: An issue in the software allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component. Recommendations: For onethink version 1.1, consider disabling acce...

7.1CVSS8AI score0.00705EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.8 views

PT-2024-25256 · Ncast · Ncast Yingshi High-Definition Intelligent Recording/Playback System

Name of the Vulnerable Software and Affected Versions: Ncast Yingshi high-definition intelligent recording and playback system versions 2007 through 2017 Description: The issue allows a remote attacker to execute arbitrary code via the "/manage/IPSetup.php" backend function. This enables the...

9.8CVSS7.9AI score0.00947EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.5 views

PT-2024-24488 · Tenda · Tenda W30E

Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0 Tenda W30E version 1.0.1.25633 Description: The issue is a stack overflow vulnerability that can be exploited via the page parameter in the fromAddressNat function. This vulnerability affects the firmware of the Tenda...

6.7CVSS7.4AI score0.00656EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.6 views

PT-2024-26427 · Unknown · Campcodes Complete Online Student Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online Student Management System version 1.0 Description: A vulnerability was found in the processing of the file courses view.php, where the manipulation of the argument FirstRecord leads to cross-site scripting. The attac...

6.1CVSS6.7AI score0.00644EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.10 views

PT-2024-26047 · Sourcecodester · Sourcecodester Loan Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Laundry Management System version 1.0 Description: A vulnerability has been found in the SourceCodester Laundry Management System, classified as problematic. This issue affects unknown code of the file /karyawan/edit. The...

5.4CVSS4.4AI score0.0055EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.8 views

PT-2024-25862 · Unknown · Sourcecodester Prison Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Prison Management System version 1.0 Description: A critical issue has been found in the SourceCodester Prison Management System, affecting some unknown functionality of the file /Employee/edit-profile.php. This issue leads to...

8.8CVSS7AI score0.00713EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.5 views

PT-2024-25274 · Sourcecodester · Sourcecodester Airline Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Airline Ticket Reservation System version 1.0 Description: A critical issue affects the processing of the file activate jet details form handler.php, where the manipulation of the jet id argument leads to sql injection. The...

9.8CVSS7.5AI score0.00862EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.5 views

PT-2024-23493 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: An issue was discovered that allows remote attackers to execute arbitrary code via the admin notify.php endpoint. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin notify.php...

8.8CVSS8.4AI score0.01613EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/04/02 12:0 a.m.11 views

PT-2024-24128 · Unknown · Bdtask Multi-Store Inventory Management System

Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System up to 20240325 Description: A vulnerability was found in the Bdtask Multi-Store Inventory Management System, affecting an unknown function of the file /stockmovment/stockmovment/delete/ of the...

5CVSS4.9AI score0.00388EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.3 views

PT-2024-22026 · Unknown · Campcodes Online Marriage Registration System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Marriage Registration System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/search.php. The manipulation of the searchdata argument leads to SQL injection. ...

6.5CVSS7.2AI score0.00496EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.19 views

PT-2024-23094 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...

9.8CVSS7.5AI score0.00856EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.8 views

PT-2024-21223 · Amss++ · Amss++

Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31 Description: The issue is related to insufficient encoding of user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited through the...

7.1CVSS5.8AI score0.0042EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/16 12:0 a.m.6 views

PT-2024-21076 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240313 Description: A critical issue affects an unknown functionality of the file api/client/get extension yl.php. The manipulation of the imei argument leads to SQL injection...

9.8CVSS7.9AI score0.00617EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/03/11 12:0 a.m.7 views

PT-2024-22496 · Ritecms · Ritecms

Name of the Vulnerable Software and Affected Versions: RiteCMS version 3.0.0 Description: A cross-site scripting XSS issue was found in the main menu/edit section component. This allows for potential XSS attacks. Recommendations: For RiteCMS version 3.0.0, consider disabling access to the main...

6.1CVSS5.4AI score0.01317EPSS
Exploits4References6
Positive Technologies
Positive Technologies
added 2024/03/08 12:0 a.m.7 views

PT-2024-2318 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical issue affects the formexeCommand function of the file /goform/execCommand. The manipulation of the cmdinput argument leads to a stack-based buffer overflow. This issue can be exploited...

9CVSS8.9AI score0.01278EPSS
Exploits0References9
Rows per page
Query Builder