Lucene search
+L

340 matches found

Vulnrichment
Vulnrichment
added 2025/11/16 5:32 a.m.3 views

CVE-2025-13238 Bdtask Flight Booking Software Edit Profile edit unrestricted upload

A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This manipulation causes unrestricted upload. The attack may be initiated remotely. The exploit has be...

6.5CVSS6.2AI score0.00312EPSS
Exploits1References4
CVE
CVE
added 2025/11/16 5:32 a.m.18 views

CVE-2025-13238

CVE-2025-13238 affects Bdtask Flight Booking Software 4. The Edit Profile Page component (/agent/profile/edit) is susceptible to manipulation that enables unrestricted file uploads. The flaw can be exploited remotely and has publicly available exploit materials. Multiple sources corroborate the i...

8.8CVSS6.2AI score0.00312EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/11/16 12:0 a.m.7 views

Code-Projects Student Information System SQL注入漏洞

Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from the /editprofile.php file not effectively filtering user input. No details of the vulnerability are available at this time...

8.8CVSS6.8AI score0.00343EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.9 views

PT-2025-47073

Name of the Vulnerable Software and Affected Versions Bdtask Flight Booking Software version 4 Description A flaw exists in Bdtask Flight Booking Software version 4 that allows for unrestricted file upload through the Edit Profile Page, specifically via the /agent/profile/edit file. This...

6.5CVSS6.4AI score0.00312EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/11/16 12:0 a.m.4 views

Bdtask Flight Booking Software 代码问题漏洞

Bdtask Flight Booking Software is an airline booking software from Bdtask Bangladesh. A code issue vulnerability exists in Bdtask Flight Booking Software that stems from incorrect manipulation of the component Edit Profile Page in the file /agent/profile/edit, which could lead to unlimited upload...

8.8CVSS6.4AI score0.00312EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.9 views

PT-2025-47080

Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 2.0 Description A security issue exists in code-projects Student Information System 2.0. The issue involves cross site scripting and impacts an unknown function within the /editprofile.php file...

5.1CVSS5.6AI score0.00253EPSS
Exploits1References7
OSV
OSV
added 2025/11/14 8:15 p.m.4 views

CVE-2025-13180

A vulnerability was found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. Impacted is an unknown function of the file /editprofile. Performing manipulation of the argument firstname/lastname results in basic cross site scripting. It is possible to...

5.4CVSS4.2AI score0.00229EPSS
Exploits1References4
EUVD
EUVD
added 2025/11/14 7:32 p.m.3 views

EUVD-2025-197649

A vulnerability was found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. Impacted is an unknown function of the file /editprofile. Performing manipulation of the argument firstname/lastname results in basic cross site scripting. It is possible to...

5.1CVSS5.1AI score0.00229EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/14 7:32 p.m.2 views

CVE-2025-13180 Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System edit_profile cross site scripting

A vulnerability was found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. Impacted is an unknown function of the file /editprofile. Performing manipulation of the argument firstname/lastname results in basic cross site scripting. It is possible to...

5.1CVSS3.8AI score0.00229EPSS
Exploits1References4
CVE
CVE
added 2025/11/14 7:32 p.m.12 views

CVE-2025-13180

CVE-2025-13180 affects Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System (versions up to 20250320). The vulnerability arises from improper handling of the first_name/last_name parameters in the /edit_profile function, enabling basic cross-site scripting. It can be expl...

5.4CVSS5.3AI score0.00229EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/11/14 7:15 p.m.7 views

CVE-2025-13178

A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /editprofile of the component User Profile Handler. This manipulation of the argument firstname/lastname causes basic cross site scripting. The attack is possible to be carried...

5.4CVSS0.00229EPSS
Exploits1References4
EUVD
EUVD
added 2025/11/14 7:2 p.m.3 views

EUVD-2025-197652

A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /editprofile of the component User Profile Handler. This manipulation of the argument firstname/lastname causes basic cross site scripting. The attack is possible to be carried...

5.1CVSS5.2AI score0.00229EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/11/14 7:2 p.m.18 views

CVE-2025-13178 Bdtask/CodeCanyon SalesERP User Profile edit_profile cross site scripting

A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /editprofile of the component User Profile Handler. This manipulation of the argument firstname/lastname causes basic cross site scripting. The attack is possible to be carried...

5.1CVSS0.00229EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/14 7:2 p.m.1 views

CVE-2025-13178 Bdtask/CodeCanyon SalesERP User Profile edit_profile cross site scripting

A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /editprofile of the component User Profile Handler. This manipulation of the argument firstname/lastname causes basic cross site scripting. The attack is possible to be carried...

5.1CVSS3.8AI score0.00229EPSS
Exploits1References4
CVE
CVE
added 2025/11/14 7:2 p.m.16 views

CVE-2025-13178

CVE-2025-13178 affects Bdtask/CodeCanyon SalesERP up to 20250728, targeting the /edit_profile file in the User Profile Handler. The issue arises from manipulation of the first_name/last_name parameters, enabling basic cross-site scripting. Remote exploitation is possible, and the exploit has been...

5.4CVSS3.9AI score0.00229EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.6 views

PT-2025-46998

Name of the Vulnerable Software and Affected Versions Bdtask/CodeCanyon SalesERP versions up to 20250728 Description A security issue exists in Bdtask/CodeCanyon SalesERP. The issue is related to the User Profile Handler component and specifically affects code within the /edit profile file...

5.4CVSS3.4AI score0.00229EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.4 views

Bdtask SalesERP 安全漏洞

Bdtask SalesERP is a sales enterprise resource planning software from Bdtask Bangladesh. A security vulnerability exists in Bdtask SalesERP 20250728 and earlier versions, which stems from incorrect manipulation of the parameters firstname/lastname in the file /editprofile, and could lead to a bas...

5.4CVSS4.3AI score0.00229EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.4 views

Bdtask Wholesale Inventory Control and Inventory Management System 安全漏洞

Bdtask Wholesale Inventory Control and Inventory Management System is an inventory management software from Bdtask Bangladesh. A security vulnerability exists in Bdtask Wholesale Inventory Control and Inventory Management System 20250320 and earlier versions, which stems from incorrect manipulati...

5.4CVSS4.3AI score0.00229EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.7 views

PT-2025-47002

Name of the Vulnerable Software and Affected Versions Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System versions up to 20250320 Description A cross-site scripting issue exists in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System. The issue i...

5.4CVSS4AI score0.00229EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/10/28 3:4 p.m.4 views

CVE-2025-12287

A security vulnerability has been detected in Bdtask Wholesale Inventory Control and Inventory Management System up to 20251013. This impacts an unknown function of the file /Admindashboard/editprofile. Such manipulation of the argument firstname/lastname leads to sql injection. The attack may be...

7.2CVSS6.9AI score0.00427EPSS
Exploits1References1
Rows per page
Query Builder