Lucene search
K

18 matches found

CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

SourceCodester Pizzafy Ecommerce System 安全漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability, which stems from the handling of the 'page' parameter in the file/index.php, potentially leading t...

6.5CVSS5.3AI score0.00227EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/26 12:30 p.m.10 views

EUVD-2026-25716

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit has been disclosed...

8.5CVSS5.1AI score0.00653EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/19 12:0 a.m.8 views

MuuCmf 安全漏洞

MuuCmf is an open-source application development framework created by Dameng100. Version MuuCmf 1.9.5.20260309 contains a security vulnerability, which stems from the handling of the keyword parameter in the file/index/Search/index.html. This vulnerability may lead to SQL injection attacks...

7.5CVSS7.2AI score0.00274EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/06 4:45 a.m.8 views

CVE-2026-5623

A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly availabl...

6.5CVSS6.2AI score0.00199EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

MCP Code Executor 命令注入漏洞

MCP Code Executor is a code execution server developed by bazinga012. Versions of MCP Code Executor prior to 0.3.0 have a command injection vulnerability, which stems from incorrect operations on the function installDependencies in the file src/index.ts, potentially leading to command injection...

5.3CVSS6.5AI score0.00636EPSS
Exploits0References7
OSV
OSV
added 2026/03/03 9:31 p.m.4 views

GHSA-XC68-RRQC-QGQ3 MCP NMAP Server has an Injection vulnerability

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function childprocess.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

6.3CVSS5.6AI score0.02569EPSS
Exploits1References9
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.5 views

Chamilo 代码问题漏洞

Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.30 had code vulnerabilities. These vulnerabilities stemmed from improper handling of the POST parameter openidurl in the file/index.php file, which could lead to blind SRFI attacks...

9.1CVSS5.9AI score0.00364EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178051

Malicious code in load-protected-file-index-analyze npm...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 11:35 a.m.7 views

CVE-2025-0458

A vulnerability classified as problematic was found in Virtual Computer Vysual RH Solution 2024.12.1. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Panel. The manipulation of the argument page leads to cross site scripting. The attack can...

6.9CVSS6AI score0.00414EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:11 a.m.9 views

CVE-2023-2368

A vulnerability was found in SourceCodester Faculty Evaluation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php?page=managequestionnaire. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. Th...

9.8CVSS5.8AI score0.00722EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.4 views

zentaopms 代码问题漏洞

zentaopms is EasySoft open source an agile scrum project management system u200b. A code issue vulnerability exists in zentaopms version 21.520250307, which stems from a misbehavior of the parameter filePath in file/index.php leading to deserialization...

9.1CVSS6.6AI score0.00426EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/02/03 12:0 a.m.4 views

CmsEasy 路径遍历漏洞

CmsEasy is a content management system CMS for creating responsive websites from China's CmsEasy company. A path traversal vulnerability exists in CmsEasy version 7.7.7.9, which stems from a path traversal caused by the parameter select in...

6.5CVSS5.6AI score0.00831EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/01/31 12:0 a.m.7 views

openBI 代码注入漏洞

openBI is a big data visualization solution from openBI. A code injection vulnerability exists in openBI 1.0.8 and earlier versions, which stems from a problem with the index function in the /application/index/controller/Screen.php file, which could lead to code injection. Currently there are no...

9.8CVSS7.4AI score0.00743EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/13 12:0 a.m.3 views

Taokeyun SQL Injection Vulnerability

Taokeyun is a shopping mall system by jifeer individual developer. A SQL injection vulnerability exists in Taokeyun version 1.0.5 and earlier versions, which originates from a SQL injection vulnerability in the cid parameter of the index function in the application/index/controller/m/Drs.php file...

9.8CVSS7.9AI score0.00792EPSS
Exploits2References5
CNNVD
CNNVD
added 2023/09/01 12:0 a.m.3 views

tine SQL Injection Vulnerability

tine is a team collaboration software from tine, Inc. A security vulnerability exists in versions prior to tine 2023.01.14.325, which stems from a sort parameter in the file/index.php endpoint that allows SQL injection...

9.8CVSS7.4AI score0.00773EPSS
Exploits1References4
0day.today
0day.today
added 2020/07/20 12:0 a.m.468 views

Employee Record Management System 1.1 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Employee Record Management SystemERMS 1.1 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.4AI score
Exploits0
CNVD
CNVD
added 2018/05/08 12:0 a.m.1 views

Vesta Control Panel Cross-Site Scripting Vulnerability (CNVD-2018-09183)

Vesta Control Panel is an open source web hosting control panel. A cross-site scripting vulnerability exists in Vesta Control Panel version 0.9.8-20. A remote attacker can exploit this vulnerability by sending the 'path' parameter to the view/file/index.php URI to execute PHP code...

6.1CVSS6.6AI score0.01273EPSS
Exploits1References1
myhack58
myhack58
added 2011/05/05 12:0 a.m.16 views

Industry management system SQL blind injection vulnerability-vulnerability warning-the black bar safety net

Industry management system SQL blind injection vulnerability. The problem of the file index. asp Type: sql blind injection,injection. Test: http://www.tmdsb.com/index.asp?CID=27+and+1=1– http://www.tmdsb.com/index.asp?CID=27+and+1=2– http://www.tmdsb.com/index.asp?CID=SQLI Google keywords:...

0.6AI score
Exploits0
Rows per page
Query Builder