Lucene search
+L

76 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2003-0794

Malware in sbrugna...

7.5CVSS6.4AI score0.05476EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-37868

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01137EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-6960

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00615EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.8 views

Online Fire Reporting System 跨站脚本漏洞

Online Fire Reporting System is an online fire reporting system developed by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Fire Reporting System version 1.2, which stems from insufficient input validation of the parameters fullname, location, and...

5.4CVSS5.9AI score0.00193EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-13941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reported in SOLR-14515 private and fixed in SOLR-14561 public, released in Solr version 8.6.0. The Replication handler...

8.8CVSS7AI score0.03805EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2025/07/23 12:0 a.m.272 views

📄 Invision Community 4.7.20 SQL Injection

Invision Community versions 4.7.20 and below have a vulnerability located within the /applications/calendar/modules/front/calendar/view.php script. Specifically, in the IPS\calendar\modules\front\calendar\view::search method: user input passed through the location request parameter is not properl...

8.2AI score
Exploits2
Github Security Blog
Github Security Blog
added 2025/06/09 5:47 p.m.14 views

HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter

Summary An authenticated Local File Inclusion LFI vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written into site.json. This enables attackers to exfiltrate sensitive system files such as...

6.5CVSS7.2AI score0.00449EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:1 a.m.7 views

CVE-2024-27729

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature...

7.4CVSS6.1AI score0.0037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.8 views

CVE-2022-34966

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ipaddress/:port/ossn/home...

7.5CVSS7.5AI score0.01137EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:47 p.m.7 views

CVE-2020-7229

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landinglocation. The function is countSearchedJobs. The file is lib/class.Job.php...

9.8CVSS8.2AI score0.01469EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.8 views

carRental 安全漏洞

carRental is a car rental software from carRental, Inc. A security vulnerability exists in carRental version v.1.0, which stems from the file/downloadFile.action?path=location contains a path traversal vulnerability...

7.5CVSS6.5AI score0.00973EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:36 a.m.9 views

CVE-2024-1594

A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the artifactlocation parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component in the artifact location URI to read arbitrary files on the...

7.5CVSS7.3AI score0.89716EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/11/23 12:0 a.m.7 views

PT-2024-17147 · Unknown · Code-Projects Simple Car Rental System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Car Rental System version 1.0 Description: A critical issue has been found in the code-projects Simple Car Rental System. The problem is related to an unknown function of the file /book car.php, where the manipulation of...

9.8CVSS7.8AI score0.00784EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/11/23 12:0 a.m.7 views

Code-Projects Simple Car Rental System 注入漏洞

Code-Projects Simple Car Rental System is an open source car rental software from Code-Projects. An injection vulnerability exists in Code-Projects Simple Car Rental System version 1.0, which stems from incorrect manipulation of the parameters fname, idno, gender, email, phone, and location can...

9.8CVSS7.9AI score0.00784EPSS
Exploits1References5
OSV
OSV
added 2024/08/15 12:0 a.m.7 views

CVE-2024-27729

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature...

7.4CVSS6AI score0.0037EPSS
Exploits1References4
NVD
NVD
added 2024/04/17 5:15 p.m.15 views

CVE-2024-30980

SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page...

9.8CVSS7.9AI score0.00695EPSS
Exploits1References1
NVD
NVD
added 2024/02/01 8:50 p.m.22 views

CVE-2024-24041

A stored cross-site scripting XSS vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php...

6.1CVSS6AI score0.0046EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/02/01 12:0 a.m.26 views

CVE-2024-24041

A stored cross-site scripting XSS vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php...

6.1AI score0.0046EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/02/01 12:0 a.m.8 views

PT-2024-20251 · Unknown · Travel Journal Using Php/Mysql

Name of the Vulnerable Software and Affected Versions: Travel Journal Using PHP and MySQL with Source Code version 1.0 Description: A stored cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter ...

6.1CVSS6.1AI score0.0046EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/02/01 12:0 a.m.7 views

Travel Journal Cross-Site Scripting Vulnerability

Travel Journal is a travel journal for rems individual developers. A cross-site scripting vulnerability exists in Travel Journal v1.0 that could allow an attacker to execute arbitrary web script or HTML by injecting a crafted payload into the location parameter of /travel-journal/write-journal...

6.1CVSS5.9AI score0.0046EPSS
Exploits1References3
Rows per page
Query Builder