Lucene search
K

19 matches found

CVE
CVE
added 2026/07/02 11:40 p.m.18 views

CVE-2026-13768

CVE-2026-13768 affects Gardyn Home Kit and Gardyn Studio. The root cause is exposure of a privileged iothubowner credential, which enables a malicious user to invoke IoTHub Registry Manager functions to obtain connection information for all Gardyn devices and to execute commands on a specific dev...

10CVSS6AI score0.00559EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/19 6:30 a.m.5 views

EUVD-2025-204440

A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername results in sql injection. The attack may be performed from remote. The exploit has been made public...

5.8CVSS6.3AI score0.00275EPSS
Exploits1References6
CVE
CVE
added 2025/12/19 4:2 a.m.13 views

CVE-2025-14939

CVE-2025-14939 affects code-projects Online Appointment Booking System 1.0. The vulnerability is in the file /admin/deletemanager.php, where manipulation of the parameter managername causes SQL injection. A remote attacker could exploit this, and the exploit has been publicly disclosed. Several c...

7.2CVSS6.5AI score0.00275EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44423

Malicious code in bioql PyPI...

5.4CVSS4.8AI score0.00519EPSS
Exploits1References4
OSV
OSV
added 2025/07/10 7:41 a.m.7 views

CVE-2025-38274 fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/06/19 12:8 a.m.4 views

CVE-2025-45879

A cross-site scripting XSS vulnerability in the e-mail manager function of Miliaris Amigdala v2.2.6 allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload...

6.1CVSS5.9AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.4 views

PT-2025-25740 · Unknown · Miliaris Amigdala

Name of the Vulnerable Software and Affected Versions: Miliaris Amigdala version 2.2.6 Description: A cross-site scripting XSS issue in the report manager function allows attackers to execute arbitrary HTML in the context of a user's browser via a crafted payload. Recommendations: For Miliaris...

6.1CVSS5.3AI score0.00231EPSS
Exploits0References8
CVE
CVE
added 2025/06/17 12:0 a.m.23 views

CVE-2025-45879

CVE-2025-45879 describes a cross-site scripting (XSS) vulnerability in the e-mail manager function of Miliaris Amigdala v2.2.6 . The issue allows an attacker to execute arbitrary HTML in a user’s browser via a crafted payload. The available metrics indicate a CVSS v3.1 base score of 6.1 (Medium) ...

6.1CVSS5.6AI score0.00231EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 4:0 a.m.10 views

CVE-2023-36217

Cross Site Scripting vulnerability in Xoops CMS v.2.5.10 allows a remote attacker to execute arbitrary code via the category name field of the image manager function...

9CVSS7.3AI score0.01385EPSS
Exploits1
NVD
NVD
added 2024/09/19 7:15 p.m.17 views

CVE-2024-40125

An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint...

9.8CVSS0.00883EPSS
Exploits1References2
CVE
CVE
added 2024/09/19 12:0 a.m.43 views

CVE-2024-40125

The CVE-2024-40125 entry concerns Closed Loop Technology CLESS Server v4.5.2, where the Media Manager’s file upload endpoint is vulnerable to arbitrary PHP file uploads. The underlying issue enables remote code execution because a crafted PHP file can be uploaded and subsequently executed on the ...

9.8CVSS8.1AI score0.00883EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/19 12:0 a.m.12 views

CVE-2024-40125

An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint...

8.1AI score0.00883EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/09/02 12:0 a.m.7 views

The vulnerability of the cgi_FMT_R12R5_2nd_DiskMGR function in the /cgi-bin/hd_config.cgi component of D-Link routers’ microprogramming software allows a attacker to execute arbitrary code.

The vulnerability of the cgiFMTR12R52ndDiskMGR function in the /cgi-bin/hdconfig.cgi component of D-Link routers is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS7AI score0.07482EPSS
Exploits1References3
OSV
OSV
added 2024/08/25 1:15 a.m.2 views

CVE-2024-8138

A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. Affected is the function editManager of the file /index.php?action=editManager of the component Parameter Handler. The manipulation of the argument id as part of String leads to sql...

9.8CVSS5.7AI score0.0058EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/08/03 12:0 a.m.18 views

CVE-2023-36217

Cross Site Scripting vulnerability in Xoops CMS v.2.5.10 allows a remote attacker to execute arbitrary code via the category name field of the image manager function...

9.1AI score0.01385EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.2 views

PT-2023-20233

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11.1 TensorFlow versions prior to 2.12.0 Description TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. The issue is related to the...

7.5CVSS6.7AI score0.00516EPSS
Exploits0References16
CNVD
CNVD
added 2022/06/08 12:0 a.m.15 views

FUDForum Cross-Site Scripting Vulnerability (CNVD-2022-70051)

FUDForum is a PHP-based forum software. version 3.1.2 of FUDForum contains a cross-site scripting vulnerability. An attacker can exploit this vulnerability to perform cross-site scripting attacks with the help of the forum name field in the forum manager function...

3.5CVSS1.1AI score0.00534EPSS
Exploits1Affected Software1
securityvulns
securityvulns
added 2015/05/12 12:0 a.m.181 views

Wolf CMS 0.8.2 Arbitrary File Upload Vulnerability

,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / / / XXXXXX / / XXXXXX / / XXXXXX / ------' Exploit Title : Wolf CMS Arbitrary File Upload Exploit Date : 16 April 20...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2015/04/22 12:0 a.m.27 views

Wolf CMS 0.8.2 - Arbitrary File Upload

Wolf CMS 0.8.2 - Arbitrary File Upload ?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : Wolf CMS...

0.2AI score
Exploits0
Rows per page
Query Builder