Lucene search
+L

162 matches found

Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.6 views

PT-2024-19584 · Unknown · Boyiddha Automated-Mess-Management-System

Name of the Vulnerable Software and Affected Versions: boyiddha Automated-Mess-Management-System version 1.0 Description: A problematic issue has been found in the software, affecting some unknown functionality of the file /member/member edit.php. The manipulation of the name argument leads to...

6.1CVSS4.2AI score0.00465EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/03/03 12:0 a.m.6 views

PT-2024-18890 · Unknown · Sourcecodester Online Mobile Management Store

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Mobile Management Store version 1.0 Description: A critical issue affects some unknown functionality of the file /admin/login.php. The manipulation of the username argument leads to SQL injection. The attack can be...

9.8CVSS7.9AI score0.00847EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/02/29 12:0 a.m.8 views

PT-2024-2012 · Dell · Idrac8

Name of the Vulnerable Software and Affected Versions: Dell Integrated Remote Access Controller 8 iDRAC8 affected versions not specified Description: A command injection vulnerability exists in local RACADM, which is related to incorrect input validation. This issue can be exploited by a maliciou...

8CVSS7.7AI score0.00832EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-18462 · Unknown · Sourcecodester Online Job Portal

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Job Portal version 1.0 Description: A vulnerability was found in the SourceCodester Online Job Portal, affecting some unknown functionality of the file /Employer/EditProfile.php. The manipulation of the Address argument...

5.4CVSS4.2AI score0.00484EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/02/07 12:0 a.m.7 views

PT-2024-20239 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions 4.3.0-RC1 and prior Description: A SQL injection issue exists, allowing an attacker to pass specially crafted offset, limit, and sort parameters to perform SQL injection via the "/novel/userFeedback/list" API endpoint...

9.8CVSS9.6AI score0.00622EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.6 views

PT-2024-17654 · Jspxcms · Jspxcms

Name of the Vulnerable Software and Affected Versions: Jspxcms version 10.2.0 Description: A vulnerability was found in the processing of the file /ext/collect/filter text.do, which leads to cross-site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public a...

4.3CVSS4.2AI score0.00551EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/01/19 12:0 a.m.7 views

PT-2024-15781 · Unknown · Code-Projects Social Networking Site

Name of the Vulnerable Software and Affected Versions: code-projects Social Networking Site version 1.0 Description: A vulnerability was found in the code-projects Social Networking Site, affecting some unknown functionality of the file message.php of the component Message Page. The manipulation ...

5.4CVSS6.7AI score0.00451EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/01/08 12:0 a.m.3 views

PT-2024-12509 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a maliciou...

7.8CVSS8.5AI score0.01493EPSS
Exploits82References134
Positive Technologies
Positive Technologies
added 2024/01/05 12:0 a.m.7 views

PT-2024-15232 · Unknown · Uniway Router

Name of the Vulnerable Software and Affected Versions: Uniway Router versions up to 2.0 Description: A critical issue affects some unknown functionality of the file /boaform/device reset.cgi of the component Device Reset Handler, leading to denial of service. The attack may be launched remotely...

7.8CVSS7.8AI score0.0129EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.5 views

PT-2023-27969 · Unknown · Jeecg-Boot

Name of the Vulnerable Software and Affected Versions: jeecg-boot version 3.5.3 Description: The issue is an SSTI injection vulnerability that allows remote attackers to execute arbitrary code via a crafted HTTP request to the "/jmreport/loadTableData" component. This enables attackers to...

9.8CVSS9.7AI score0.02657EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.5 views

PT-2023-28112 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 774 Description: The issue affects Pandora FMS, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. Malicious code could be executed in the File Manager sectio...

7.5CVSS6.3AI score0.00278EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.8 views

PT-2023-30283

Name of the Vulnerable Software and Affected Versions SeaCMS version 12.9 Description A remote code execution RCE issue was discovered in SeaCMS via the component /augap/adminip.php. This allows for potential code execution by remote attackers. Recommendations For SeaCMS version 12.9, consider...

8.8CVSS7.4AI score0.01284EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/12/28 12:0 a.m.7 views

PT-2023-32913 · Sourcecodester · Sourcecodester Free/Open Source Inventory Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Free and Open Source Inventory Management System version 1.0 Description: A critical issue affects the processing of the file /app/ajax/sell return data.php. The manipulation of the argument columns0data leads to sql injection...

9.8CVSS7AI score0.00657EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/12/24 12:0 a.m.8 views

PT-2023-13730 · Nokia · Nokia Nfm-T

Name of the Vulnerable Software and Affected Versions: NOKIA NFM-T version R19.9 Description: An OS Command Injection issue occurs in the /cgi-bin/R19.9/log.pl endpoint of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands with root privileges...

8.8CVSS9AI score0.02237EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.7 views

PT-2023-8533 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue concerns the NTPSyncWithHost function in the cstecgi.cgi file of the TOTOLINK EX1200L router's firmware. It allows for arbitrary command execution due to the lack of proper...

10CVSS9.6AI score0.01297EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.8 views

PT-2023-32861 · Code Projects · Point Of Sales/Inventory Management System

Name of the Vulnerable Software and Affected Versions: code-projects Point of Sales and Inventory Management System version 1.0 Description: A vulnerability was found in the system, classified as problematic. It affects some unknown functionality of the file /main/checkout.php. The manipulation o...

6.1CVSS4.3AI score0.00526EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.5 views

PT-2023-28004 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro version 2.1.14 Description: A Cross Site Scripting XSS issue was found in the /admin/store.php component. Recommendations: For Emlog Pro version 2.1.14, consider disabling access to the /admin/store.php component until a patch is...

6.1CVSS6AI score0.01146EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/08 12:0 a.m.5 views

PT-2023-32715 · Typecho · Typecho

Name of the Vulnerable Software and Affected Versions: Typecho version 1.2.1 Description: A vulnerability has been found in the Logo Handler component of Typecho, affecting an unknown function of the file /admin/options-theme.php. This issue leads to cross site scripting and can be exploited...

4.8CVSS3.8AI score0.00559EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.10 views

PT-2023-32649 · Unknown · Voovi Social Networking Script

Name of the Vulnerable Software and Affected Versions: Voovi Social Networking Script version 1.0 Description: A SQL injection vulnerability has been reported, affecting the videos.php endpoint in the id parameter. This could allow a remote attacker to send a specially crafted SQL query to the...

9.8CVSS7.7AI score0.00831EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.7 views

PT-2023-32653 · Unknown · Bigprof Online Clinic Management System

Name of the Vulnerable Software and Affected Versions: BigProf Online Clinic Management System version 2.2 Description: A vulnerability has been discovered in the system, which does not sufficiently encode user-controlled input, resulting in persistent XSS through the /clinic/events view.php...

6.3CVSS5.3AI score0.00388EPSS
Exploits0References3
Rows per page
Query Builder