71 matches found

Positive Technologies
added 2025/08/25 12:0 a.m. · 1 view

PT-2025-34718 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A security flaw exists in itsourcecode Online Tour and Travel Management System version 1.0. The issue involves SQL injection in the /enquiry.php file through...

CVSS 7.5 · AI score 7.5 · EPSS 0.00066
Exploits: 1 · References: 11

Positive Technologies
added 2025/01/16 12:0 a.m. · 1 view

PT-2025-4739 · Re11S · Re11S

Name of the Vulnerable Software and Affected Versions: RE11S version 1.11 Description: A stack overflow issue was discovered in the setWAN function via the pptpUserName parameter. This issue can be exploited, potentially leading to unintended consequences. No information is available about the...

CVSS 9.8 · AI score 6.6 · EPSS 0.00502
Exploits: 1 · References: 11

Positive Technologies
added 2025/01/14 12:0 a.m. · 1 view

PT-2025-1095 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the use of memory after it has been freed in the BranchCache technology of Windows operating systems. This can allow a remote attacker to execute arbitrary code. The...

CVSS 7.5 · AI score 9.6 · EPSS 0.00283
Exploits: 0 · References: 5

Positive Technologies
added 2025/01/12 12:0 a.m. · 3 views

PT-2025-3875 · Unknown · Liujianview Gymxmjpa

Name of the Vulnerable Software and Affected Versions: liujianview gymxmjpa version 1.0 Description: A critical vulnerability has been found in the CoachController function of the file src/main/java/com/liujian/gymxmjpa/controller/CoachController.java. The manipulation of the coachName argument...

CVSS 6.5 · AI score 7.2 · EPSS 0.00071
Exploits: 0 · References: 10

Positive Technologies
added 2025/01/02 12:0 a.m. · 3 views

PT-2025-3180 · Foliovision · Fv Descriptions

Name of the Vulnerable Software and Affected Versions: Foliovision FV Descriptions versions n/a through 1.4 Description: The issue affects Foliovision FV Descriptions, allowing Reflected XSS due to improper neutralization of input during web page generation. This is a type of Cross-site Scripting...

CVSS 7.1 · AI score 9 · EPSS 0.00195
Exploits: 0 · References: 7

Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-30793

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A race condition exists in the NFSv4/pNFS implementation that can lead to system hangs during writeback operations. The issue occurs when waiting on the NFS LAYOUT DRAIN bit in pnfs upda...

CVSS 4.7 · AI score 6.6 · EPSS 0.00051
Exploits: 0

Positive Technologies
added 2024/12/31 12:0 a.m. · 5 views

PT-2024-35799 · Trend Micro · Trend Micro Security

Name of the Vulnerable Software and Affected Versions: Trend Micro ID Security versions 3.0 and below Description: The issue allows an attacker to send an unlimited number of email verification requests without restriction, potentially leading to abuse or denial of service. Recommendations: For...

CVSS 6.5 · AI score 7 · EPSS 0.00096
Exploits: 0 · References: 5

Positive Technologies
added 2024/11/25 12:0 a.m. · 1 view

PT-2024-35784 · Unknown · Masterstack Imgcap

Name of the Vulnerable Software and Affected Versions: masterstack imgcap version 0.0.1 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the "/submit" endpoint. Recommendations: For masterstack imgcap version 0.0.1, as a temporary workaround, consider...

CVSS 6.3 · AI score 7.9 · EPSS 0.00055
Exploits: 0 · References: 4

Positive Technologies
added 2024/11/14 12:0 a.m. · 3 views

PT-2024-34441 · Unknown · Kashipara E-Learning Management System Project

Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System Project version 1.0 Description: A Stored Cross-Site Scripting (XSS) issue was found in the /admin/school year.php endpoint, specifically via the school year parameter. This allows remote attackers to...

CVSS 5.4 · AI score 6.2 · EPSS 0.00634
Exploits: 1 · References: 5

Positive Technologies
added 2024/10/31 12:0 a.m. · 2 views

PT-2024-34578 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest certificate function. Recommendations: For DrayTek Vigor3900...

CVSS 9.8 · AI score 7.8 · EPSS 0.00212
Exploits: 0 · References: 5

Positive Technologies
added 2024/10/30 12:0 a.m. · 3 views

PT-2024-34628 · Ethereum +1 · Ethereum +1

Name of the Vulnerable Software and Affected Versions: Ethereum version 1.12.2 WaterToken smart contract affected versions not specified Description: An issue in the WaterToken smart contract, which can be run on the Ethereum blockchain, allows remote attackers to have an unspecified impact. The...

CVSS 8.8 · AI score 7.4 · EPSS 0.01698
Exploits: 0 · References: 5

Positive Technologies
added 2024/10/30 12:0 a.m. · 2 views

PT-2024-24326 · Engenius · Engenius Esr580

Name of the Vulnerable Software and Affected Versions: EnGenius ESR580 A8J-EMR5000 devices affected versions not specified Description: The issue allows a remote attacker to conduct stored XSS attacks, potentially leading to arbitrary JavaScript code execution under the context of the user's...

CVSS 4.3 · AI score 6.4 · EPSS 0.00098
Exploits: 0 · References: 4

Positive Technologies
added 2024/10/28 12:0 a.m. · 3 views

PT-2024-34241 · Unknown · Wp Seo – Calin Vingan Premium Seo Pack

Name of the Vulnerable Software and Affected Versions: WP SEO – Calin Vingan Premium SEO Pack versions 1.6.001 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection...

CVSS 8.5 · AI score 7.5 · EPSS 0.00257
Exploits: 0 · References: 4

Positive Technologies
added 2024/10/17 12:0 a.m. · 1 view

PT-2024-33454 · Unknown · Jiangqie Free Mini Program

Name of the Vulnerable Software and Affected Versions: JiangQie Free Mini Program versions n/a through 2.5.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security...

CVSS 10 · AI score 7.1 · EPSS 0.01096
Exploits: 0 · References: 6

Positive Technologies
added 2024/09/28 12:0 a.m. · 2 views

PT-2024-39550 · Sourcecodester · Sourcecodester Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Advocate Office Management System version 1.0 Description: A critical issue affects the processing of the file /control/login.php, where the manipulation of the username argument leads to SQL injection. The attack can be...

CVSS 9.8 · AI score 7.7 · EPSS 0.00106
Exploits: 1 · References: 10

Positive Technologies
added 2024/09/25 12:0 a.m. · 2 views

PT-2024-32082 · Unknown · Becn Datagerry

Name of the Vulnerable Software and Affected Versions: BECN DATAGERRY version 2.2 Description: The issue allows attackers to execute arbitrary commands via crafted web requests due to incorrect access control. Recommendations: For BECN DATAGERRY version 2.2, consider restricting access to the web...

CVSS 9.1 · AI score 7.9 · EPSS 0.91286
Exploits: 0 · References: 11

Positive Technologies
added 2024/08/20 12:0 a.m. · 3 views

PT-2024-30011 · Unknown · Hotel Management System

Name of the Vulnerable Software and Affected Versions: Hotel Management System version 91caab8 Description: A SQL injection vulnerability was discovered in the Hotel Management System via the book id parameter at the "admin room history.php" endpoint. This issue allows for potential unauthenticat...

CVSS 8.6 · AI score 8.2 · EPSS 0.00194
Exploits: 1 · References: 7

Positive Technologies
added 2024/08/20 12:0 a.m. · 2 views

PT-2024-38754 · Genexis · Genexis Tilgin Home Gateway

Name of the Vulnerable Software and Affected Versions: Genexis Tilgin Home Gateway version 322 AS0500-03 05 13 05 Description: This issue affects some unknown processing of the file "/vood/cgi-bin/vood view.cgi?lang=EN&act=user/spec...

CVSS 5.3 · AI score 4.1 · EPSS 0.00213
Exploits: 0 · References: 8

Positive Technologies
added 2024/08/09 12:0 a.m. · 3 views

PT-2024-7882 · D Link · D-Link Di-8003

Name of the Vulnerable Software and Affected Versions: D-Link DI-8003 version 16.07.16A1 Description: A critical issue has been found in the upgrade filter asp function of the /upgrade filter.asp file. The manipulation of the path argument leads to a stack-based buffer overflow. This issue can be...

CVSS 9.8 · AI score 7.2 · EPSS 0.00155
Exploits: 1 · References: 18

Positive Technologies
added 2024/06/17 12:0 a.m. · 1 view

PT-2024-27770 · Vermeg · Vermeg Agilereporter

Name of the Vulnerable Software and Affected Versions: Vermeg Agile Reporter version 23.2.1 Description: The issue is a stored cross-site scripting (XSS) that allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast...

CVSS 4.8 · AI score 5.4 · EPSS 0.00116
Exploits: 0 · References: 5