162 matches found
PT-2024-33659 · Unknown · Code-Projects Simple Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A critical vulnerability was found in the code-projects Simple Chat System. This issue affects the file /register.php and is related to SQL injection. The manipulation of the name,...
PT-2024-26292 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/infoType deal.php?mudi=add&nohrefStr=close". Recommendations: For idccms version 1.35, consider disabling access to the...
PT-2024-20985 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the sys file storage id parameter at the "/WorkPlan/WorkPlanAttachDownLoad.aspx" API endpoint...
PT-2024-25500 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component /admin/readDeal.php?mudi=updateWebCache. This issue allows for potential exploitation. Recommendations: For idccms version 1.35, consider...
PT-2024-25115 · Thinksaas · Thinksaas
Name of the Vulnerable Software and Affected Versions: ThinkSAAS version 3.7.0 Description: A stored cross-site scripting XSS vulnerability in the component /pubs/counter.php allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the code parameter. This...
PT-2024-25263 · Onethink · Onethink
Name of the Vulnerable Software and Affected Versions: onethink version 1.1 Description: An issue in the software allows a remote attacker to execute arbitrary code via a crafted script to the AddonsController.class.php component. Recommendations: For onethink version 1.1, consider disabling acce...
PT-2024-25256 · Ncast · Ncast Yingshi High-Definition Intelligent Recording/Playback System
Name of the Vulnerable Software and Affected Versions: Ncast Yingshi high-definition intelligent recording and playback system versions 2007 through 2017 Description: The issue allows a remote attacker to execute arbitrary code via the "/manage/IPSetup.php" backend function. This enables the...
PT-2024-24488 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0 Tenda W30E version 1.0.1.25633 Description: The issue is a stack overflow vulnerability that can be exploited via the page parameter in the fromAddressNat function. This vulnerability affects the firmware of the Tenda...
PT-2024-26427 · Unknown · Campcodes Complete Online Student Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online Student Management System version 1.0 Description: A vulnerability was found in the processing of the file courses view.php, where the manipulation of the argument FirstRecord leads to cross-site scripting. The attac...
PT-2024-26047 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Laundry Management System version 1.0 Description: A vulnerability has been found in the SourceCodester Laundry Management System, classified as problematic. This issue affects unknown code of the file /karyawan/edit. The...
PT-2024-25862 · Unknown · Sourcecodester Prison Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Prison Management System version 1.0 Description: A critical issue has been found in the SourceCodester Prison Management System, affecting some unknown functionality of the file /Employee/edit-profile.php. This issue leads to...
PT-2024-25274 · Sourcecodester · Sourcecodester Airline Ticket Reservation System
Name of the Vulnerable Software and Affected Versions: SourceCodester Airline Ticket Reservation System version 1.0 Description: A critical issue affects the processing of the file activate jet details form handler.php, where the manipulation of the jet id argument leads to sql injection. The...
PT-2024-23493 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: An issue was discovered that allows remote attackers to execute arbitrary code via the admin notify.php endpoint. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin notify.php...
PT-2024-24128 · Unknown · Bdtask Multi-Store Inventory Management System
Name of the Vulnerable Software and Affected Versions: Bdtask Multi-Store Inventory Management System up to 20240325 Description: A vulnerability was found in the Bdtask Multi-Store Inventory Management System, affecting an unknown function of the file /stockmovment/stockmovment/delete/ of the...
PT-2024-22026 · Unknown · Campcodes Online Marriage Registration System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Marriage Registration System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /admin/search.php. The manipulation of the searchdata argument leads to SQL injection. ...
PT-2024-23094 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...
PT-2024-21223 · Amss++ · Amss++
Name of the Vulnerable Software and Affected Versions: AMSS++ version 4.31 Description: The issue is related to insufficient encoding of user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited through the...
PT-2024-21076 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform
Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240313 Description: A critical issue affects an unknown functionality of the file api/client/get extension yl.php. The manipulation of the imei argument leads to SQL injection...
PT-2024-22496 · Ritecms · Ritecms
Name of the Vulnerable Software and Affected Versions: RiteCMS version 3.0.0 Description: A cross-site scripting XSS issue was found in the main menu/edit section component. This allows for potential XSS attacks. Recommendations: For RiteCMS version 3.0.0, consider disabling access to the main...
PT-2024-2318 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical issue affects the formexeCommand function of the file /goform/execCommand. The manipulation of the cmdinput argument leads to a stack-based buffer overflow. This issue can be exploited...