30 matches found
CVE-2026-14800 imhamzaazam ecommerceFlask cross-site request forgery
A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...
CVE-2026-8755
A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function getallmodels of the file hiyoriUI.py of the component Model Handler. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has be...
PT-2026-30189
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...
CVE-2026-2851
A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\InportController.java of the component Inport...
PT-2025-47837
Name of the Vulnerable Software and Affected Versions ashraf-kabir travel-agency versions prior to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3 Description A security issue exists in ashraf-kabir travel-agency. The manipulation of the edit pack argument in the /admin area/index.php file leads to SQL...
CVE-2025-13208
A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. The impacted element is an unknown function of the file controller/api/hotelList.php. The manipulation of the argument subjectId/cityName results in sql injection. The attack can be...
CVE-2025-12202
A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...
PT-2025-43760
Name of the Vulnerable Software and Affected Versions ajayrandhawa User-Management-PHP-MYSQL web affected versions not specified Description A security flaw exists in ajayrandhawa User-Management-PHP-MYSQL web. The issue involves cross-site request forgery, allowing remote attackers to perform...
CVE-2025-9310
The CVE-2025-9310 entry concerns yeqifu carRental (Druid component) with vulnerability in an unknown function of the file /carRental_war/druid/login.html. The issue can lead to hard-coded credentials and is exploitable remotely; the exploit has been publicly disclosed. There are no version detail...
PT-2025-2353 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: A CVE record was rejected due to non-usage, following CNA rules. No information is provided about the issue itself, including general details or potential impacts...
PT-2024-35842 · Unknown · Rohit Harsh Fence Url
Name of the Vulnerable Software and Affected Versions: Rohit Harsh Fence URL versions n/a through 2.0.0 Description: The issue is related to improper neutralization of input during web page generation, leading to a Stored Cross-Site Scripting XSS vulnerability. This allows for Stored XSS attacks...
PT-2024-40625 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash reported by OSS-Fuzz, with a Segv on an unknown address. The crash state includes functions such as yara yyparse, yr lex...
PT-2024-23842 · Plug&Track +1 · Sensor Net Connect V2 +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A CWE-79 issue allows malicious users to permanently inject arbitrary Javascript code, enabling cross-site scripting. This issue permits malicious users to inject code into web page...
PT-2024-19945 · Hcl · Hcl Dryice Optibot Reset Station
Name of the Vulnerable Software and Affected Versions: HCL DRYiCE Optibot Reset Station affected versions not specified Description: The issue concerns insecure encryption of security questions in the HCL DRYiCE Optibot Reset Station. This could potentially allow an attacker with access to the...
PT-2024-13237 · Intel · Intel Power Gadget
Name of the Vulnerable Software and Affected Versions: IntelR Power Gadget software for Windows affected versions not specified Description: The issue is related to improper initialization in the IntelR Power Gadget software, which may allow an authenticated user to potentially enable denial of...
PT-2024-11064 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, specifically related to the ext4 file system. The fix addresses a check to prevent false positive reports of incorrect used inodes...
PT-2023-18950 · Huawei · Honor
Name of the Vulnerable Software and Affected Versions: Honor products affected versions not specified Description: The issue is related to an out of bounds read vulnerability. Successful exploitation of this vulnerability could cause an information leak. Recommendations: At the moment, there is n...
PT-2023-31584 · Zephyrproject Rtos +1 · Zephyr
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue might be related to a possible variant of a problem in the function le ecred reconf req. Recommendations: At the moment, there is no information about a newer version that...
PT-2023-18480
Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned. Description The issue involves memory corruption in a multi-mode call processor when processing a bit mask API. Recommendations At the moment, there is no information about a newer version that...
PT-2023-35943 · Git +1 · Pcre2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow WRITE 4 crash type. The crash state involves functions such as get grouplength and get branchlength. No...