CVE-2026-46541

CVE-2026-46541 (Nimiq network-libp2p): Before 1.4.0, DHT handling in handle_dht_get() sometimes did not initialize the DhtResults accumulator if the first DHT record failed verification. This caused all subsequent valid records to be discarded with “DHT inconsistent state” errors, enabling potent...

CVE-2026-46541 Nimiq network-libp2p: DHT query poisoning via first-record verification failure

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handledhtget, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

CVE-2024-3532

A vulnerability classified as problematic has been found in Campcodes Complete Online Student Management System 1.0. Affected is an unknown function of the file attendanceview.php. The manipulation of the argument FirstRecord leads to cross site scripting. It is possible to launch the attack...

Student Management System 跨站脚本漏洞

Student Management System is a simple web-based student management software. A cross-site scripting vulnerability exists in Student Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the FirstRecord parameter of the unitsview.php...

PT-2024-26418 · Unknown · Campcodes Complete Online Student Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online Student Management System version 1.0 Description: A problematic issue has been found in the system, affecting an unknown part of the file students view.php. The manipulation of the FirstRecord argument leads to...

PT-2024-26431 · Campcodes · Campcodes Complete Online Student Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online Student Management System version 1.0 Description: A problematic vulnerability has been found in the attendance view.php file, where the manipulation of the FirstRecord argument leads to cross-site scripting. This...

PT-2024-26414 · Unknown · Campcodes Complete Online Student Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Complete Online Student Management System version 1.0 Description: A vulnerability was found in the system, classified as problematic, affecting some unknown functionality of the file units view.php. The manipulation of the...

BigProf Online Invoicing System Cross-Site Scripting Vulnerability

BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Inventory Manager version 3.2, which stems from a cross-site scripting vulnerability in the FirstRecord parameter of /inventory/suppliersview.php...

BigProf Online Invoicing System Cross-Site Scripting Vulnerability

BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Invoicing System version 2.6, which originates from a cross-site scripting vulnerability in the FirstRecord parameter of /invoicing/app/invoicesview.php...