Lucene search
K

17 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-40371

OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate...

8.8CVSS5.8AI score
Exploits0References4
Cvelist
Cvelist
added yesterday12 views

CVE-2026-58165 OpenZiti - Privilege Escalation to Admin via Unauthorized Enrollment Creation

OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate...

8.8CVSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-27753

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.01477EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-27754

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00843EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-27752

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.01635EPSS
Exploits4References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-31421

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01214EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 p.m.7 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

6.5CVSS7.4AI score0.00843EPSS
Exploits0
OSV
OSV
added 2021/12/28 12:15 p.m.4 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

6.5CVSS6.7AI score0.00843EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/12/28 11:59 a.m.16 views

CVE-2021-40579

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...

7.1AI score0.00843EPSS
Exploits0References2
CNVD
CNVD
added 2021/12/27 12:0 a.m.14 views

Online Enrollment Management System SQL Injection Vulnerability

Online Enrollment Management System is an open source online enrollment management system. Online Enrollment Management System version 1.0 contains a SQL injection vulnerability that stems from the lack of effective filtering and escaping of the id parameter, which could be exploited to retrieve...

7.5CVSS2.6AI score0.01214EPSS
Exploits1References1
NVD
NVD
added 2021/12/23 1:15 p.m.10 views

CVE-2021-44599

The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with...

7.5CVSS0.01214EPSS
Exploits1References1
Prion
Prion
added 2021/12/23 1:15 p.m.10 views

Sql injection

The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with...

5CVSS7.6AI score0.01214EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/12/23 12:31 p.m.35 views

CVE-2021-44599

CVE-2021-44599 affects Online Enrollment Management System 1.0. The issue is a SQL injection in the id parameter, where a crafted payload can invoke MySQL load_file via a UNC path referencing an external URL, with the app interacting with that domain, indicating query execution. Root cause: lack ...

7.5CVSS7.5AI score0.01214EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/23 12:31 p.m.14 views

CVE-2021-44599

The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's loadfile function with a UNC file path that references a URL on an external domain. The application interacted with...

7.8AI score0.01214EPSS
Exploits1References1
NVD
NVD
added 2021/11/08 6:15 p.m.17 views

CVE-2021-40577

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter...

5.4CVSS0.01635EPSS
Exploits4References2
CVE
CVE
added 2021/11/08 5:45 p.m.63 views

CVE-2021-40577

CVE-2021-40577 is a stored XSS vulnerability in the Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, affecting the Add-Users page via the Name parameter. The issue arises from storing unsanitized input that is later reflected, enabling a persistent script...

5.4CVSS5.4AI score0.01635EPSS
Exploits4References2Affected Software1
0day.today
0day.today
added 2021/10/08 12:0 a.m.233 views

Online Enrollment Management System 1.0 - Authentication Bypass Vulnerability

Exploit Title: Online Enrollment Management System 1.0 - Authentication Bypass Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/12914/online-enrollment-management-system-paypal-payments-phpmysqli.html Software Link:...

0.3AI score
Exploits0
Rows per page
Query Builder