Lucene search
K

197 matches found

NVD
NVD
added yesterday6 views

CVE-2026-15672

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /intrams/admin/addjudges.php. This manipulation of the argument fname causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

6.5CVSS0.002EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-58471

A flaw was found in GNU Wget. A remote attacker can exploit a heap buffer overflow vulnerability in the convertfname function. This occurs when processing a server-supplied filename that requires character set conversion, leading to memory corruption due to incorrect buffer reallocation. This can...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References5
NVD
NVD
added 2026/07/07 9:17 p.m.9 views

CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

7.1CVSS0.00221EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 9:17 p.m.3 views

UBUNTU-CVE-2026-58471

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 7:47 p.m.15 views

CVE-2026-58471

GNU Wget up to 1.25.0 contains a heap buffer overflow in convert_fname() (src/url.c) that can be triggered by a server-supplied filename requiring character set conversion. When the output buffer is too small and iconv E2BIG reallocates, the remaining space is miscalculated, allowing memory corru...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/07/07 7:47 p.m.6 views

CVE-2026-58471 GNU Wget 1.25.0 Heap Buffer Overflow via convert_fname() in url.c

GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convertfname function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is...

6CVSS6.2AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.7 views

PT-2026-56240

Name of the Vulnerable Software and Affected Versions GNU Wget versions prior to 1.25.0 commit c2640fe Description A heap buffer overflow occurs in the convert fname function within src/url.c. This issue is triggered when a server-supplied filename requires character set conversion and the output...

7.1CVSS6.3AI score0.00221EPSS
Exploits0References13
ATTACKERKB
ATTACKERKB
added 2026/06/29 12:30 p.m.6 views

CVE-2026-13567

A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an unknown part of the file /Frontend/Feedback.php of the component POST Request Handler. The manipulation of the argument fname/femail/faddress/fmessage results in cross site scripting. The attack may be...

5.3CVSS4.4AI score0.00273EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/29 12:30 p.m.8 views

EUVD-2026-40082

A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an unknown part of the file /Frontend/Feedback.php of the component POST Request Handler. The manipulation of the argument fname/femail/faddress/fmessage results in cross site scripting. The attack may be...

5.3CVSS4.4AI score0.00273EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.11 views

CVE-2026-11534

A vulnerability was detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to launch...

5.1CVSS4AI score0.00199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 4:45 p.m.11 views

CVE-2026-11534

A vulnerability was detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to launch...

5.1CVSS4AI score0.00199EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.16 views

student_management_system 跨站脚本漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. studentmanagementsystem has a cross-site scripting vulnerability. This vulnerability stems from improper handling of parameters such as name, address, and fname by an unknown function in the...

5.1CVSS4.5AI score0.00199EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.13 views

CVE-2026-6033

A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fname can lead to sql injection. The attack may be performed from remote. The exploit has been public...

6.5CVSS6.4AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/27 8:14 p.m.19 views

CVE-2026-9527

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...

5.3CVSS4.4AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 5:16 a.m.17 views

CVE-2026-9527

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...

5.3CVSS0.00336EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/26 3:45 a.m.15 views

EUVD-2026-31787

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...

5.3CVSS4.4AI score0.00336EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/26 3:45 a.m.7 views

CVE-2026-9527

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...

5.3CVSS4.4AI score0.00336EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/26 3:45 a.m.19 views

CVE-2026-9527

CVE-2026-9527 affects itsourcecode Electronic Judging System 1.0. The vulnerability resides in /admin/judges.php where manipulating the fname parameter triggers cross-site scripting. Remote exploitation is possible, and the exploit has been publicly disclosed (POC). Metrics indicate CVSS v3.1 bas...

5.3CVSS4.4AI score0.00336EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.17 views

PT-2026-43184

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...

5.3CVSS4.4AI score0.00336EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.13 views

itsourcecode Electronic Judging System 代码注入漏洞

itsourcecode Electronic Judging System is an open-source electronic judging system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System contains a code injection vulnerability. This vulnerability arises from improper handling of the fname parameter in the...

5.3CVSS5.7AI score0.00336EPSS
Exploits0References6
Rows per page
Query Builder