260 matches found
CVE-2025-51658
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMSInquiryView.php...
SEMCMS 安全漏洞
SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multi-language. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of ID parameter in SEMCMSInquiryView.php...
SUSE CVE-2025-38304
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eirgetservicedata The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIRSERVICEDATA...
CVE-2025-38303
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...
CVE-2025-50370
A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
CVE-2025-50370
A Cross-Site Request Forgery CSRF vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
PT-2025-27238 · Unknown · Phpgurukul Medical Card Generation System
Name of the Vulnerable Software and Affected Versions: Phpgurukul Medical Card Generation System version 1.0 Description: A Cross-Site Request Forgery CSRF issue exists in the Inquiry Management functionality, specifically at the "/mcgs/admin/readenq.php" endpoint. This allows an authenticated...
PHPGurukul Medical Card Generation System 安全漏洞
PHPGurukul Medical Card Generation System is a medical card generation system from PHPGurukul Inc. A security vulnerability exists in version 1.0 of the PHPGurukul Medical Card Generation System, which stems from a lack of CSRF protection in the Inquiry Management feature, which could lead to...
CVE-2025-50370
CVE-2025-50370 affects Phpgurukul Medical Card Generation System 1.0, specifically the Inquiry Management endpoint /mcgs/admin/readenq.php. A CSRF flaw exists where an authenticated admin can delete inquiry records via a simple GET request without CSRF token or origin validation. This is supporte...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: eir: Fixed possible crashes when using eircreateadvdata. eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking whether those values are compatible with the structure...
Securing Credit Inquiries: the Role of Real-Time User Approval in Preventing SSN Identity Theft
Unauthorized credit inquiries are also a central entry point for identity theft, with Social Security Numbers SSNs being widely utilized in fraudulent cases. Traditional credit inquiry systems do not usually possess strict user authentication, making them vulnerable to unauthorized access. This...
CVE-2024-4856
The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin or unauthenticated users...
CVE-2023-2345
A vulnerability was found in SourceCodester Service Provider Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=deleteinquiry. The manipulation leads to improper authorization. The attack may be launched remotel...
CVE-2023-30415
Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/viewinquiry.php...
CVE-2023-27510
JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability, which may allow a remote unauthenticated attacker to obtain information entered from forms created using the affected product. The affected products and versions are as follows: JB Inquiry...
CVE-2022-32358
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=deleteinquiry...
ROS-2-162
2.162 Notification on update of the RAND OPERATION SYSTEM "RED OS" RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
ROS-2-191
2.191 Notification on the update of MIS OPERATION SYSTEM "RED OS" No. RU.29926343.02.01-01-24 RED SOFT LLC notifies about the completion of the testing procedure and release of the updated RED OS 7.3 distribution. In order to update your copy of RED OS to the current state, you need to perform a...
SUSE CVE-2023-53037
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...
AZL-70120 CVE-2023-53037 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...