Lucene search
+L

260 matches found

ATTACKERKB
ATTACKERKB
added 2025/07/14 12:0 a.m.2 views

CVE-2025-51658

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMSInquiryView.php...

5.4CVSS6AI score0.00221EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/07/14 12:0 a.m.5 views

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of ID parameter in SEMCMSInquiryView.php...

5.4CVSS7.9AI score0.00221EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2025/07/10 11:22 p.m.5 views

SUSE CVE-2025-38304

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...

5.5CVSS6.5AI score0.00145EPSS
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2025/07/10 7:42 a.m.5 views

CVE-2025-38303

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/29 12:6 a.m.12 views

CVE-2025-50370

A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...

6.5CVSS6.5AI score0.00137EPSS
Exploits0References1
NVD
NVD
added 2025/06/27 4:15 p.m.10 views

CVE-2025-50370

A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...

6.5CVSS0.00137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.8 views

PT-2025-27238 · Unknown · Phpgurukul Medical Card Generation System

Name of the Vulnerable Software and Affected Versions: Phpgurukul Medical Card Generation System version 1.0 Description: A Cross-Site Request Forgery CSRF issue exists in the Inquiry Management functionality, specifically at the "/mcgs/admin/readenq.php" endpoint. This allows an authenticated...

6.5CVSS7.3AI score0.00137EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.9 views

PHPGurukul Medical Card Generation System 安全漏洞

PHPGurukul Medical Card Generation System is a medical card generation system from PHPGurukul Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Medical Card Generation System, which stems from a lack of CSRF protection in the Inquiry Management feature, which could lead to...

6.5CVSS6.5AI score0.00137EPSS
Exploits0References1
CVE
CVE
added 2025/06/27 12:0 a.m.25 views

CVE-2025-50370

CVE-2025-50370 affects Phpgurukul Medical Card Generation System 1.0, specifically the Inquiry Management endpoint /mcgs/admin/readenq.php. A CSRF flaw exists where an authenticated admin can delete inquiry records via a simple GET request without CSRF token or origin validation. This is supporte...

6.5CVSS6.6AI score0.00137EPSS
Exploits0References1Affected Software1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: eir: Fixed possible crashes when using eircreateadvdata. eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking whether those values are compatible with the structure...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/05/24 12:0 a.m.5 views

Securing Credit Inquiries: the Role of Real-Time User Approval in Preventing SSN Identity Theft

Unauthorized credit inquiries are also a central entry point for identity theft, with Social Security Numbers SSNs being widely utilized in fraudulent cases. Traditional credit inquiry systems do not usually possess strict user authentication, making them vulnerable to unauthorized access. This...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:38 a.m.13 views

CVE-2024-4856

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...

8.2CVSS6.2AI score0.00478EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:18 a.m.8 views

CVE-2023-2345

A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=deleteinquiry. The manipulation leads to improper authorization. The attack may be launched remotel...

9.8CVSS7.6AI score0.00511EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:47 a.m.5 views

CVE-2023-30415

Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/viewinquiry.php...

9.8CVSS8.5AI score0.00838EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:26 a.m.7 views

CVE-2023-27510

JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability, which may allow a remote unauthenticated attacker to obtain information entered from forms created using the affected product. The affected products and versions are as follows: JB Inquiry...

7.5CVSS6.8AI score0.00707EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:57 p.m.8 views

CVE-2022-32358

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=deleteinquiry...

7.2CVSS8.1AI score0.00909EPSS
Exploits1References1
Redos
Redos
added 2025/05/13 12:0 a.m.8 views

ROS-2-162

2.162 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

7.1AI score
Exploits0
Redos
Redos
added 2025/05/13 12:0 a.m.6 views

ROS-2-191

2.191 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...

7.1AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/03 2:51 a.m.5 views

SUSE CVE-2023-53037

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...

7.8CVSS6.5AI score0.00172EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 4:15 p.m.5 views

AZL-70120 CVE-2023-53037 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...

7.8CVSS5.6AI score0.00172EPSS
Exploits0References1
Rows per page
Query Builder