Lucene search
K

54 matches found

Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.17 views

PT-2026-45898

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy E-Commerce System version 1.0 Description An SQL injection issue exists in the Administrative Control Panel component. The Login function within the /admin/admin class novo.php file is susceptible to remote attacks throu...

7.5CVSS7.4AI score0.00281EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.8 views

open-notebook 安全漏洞

Open-Notebook is a privacy-oriented multi-model AI note-taking tool developed by Luis Novo. Version 1.8.3 of Open-Notebook contains a security vulnerability. This vulnerability stems from a lack of user input validation in the file upload function, which may allow users to access the content of...

8.2CVSS5.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/04/29 5:16 p.m.5 views

CVE-2026-7393

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS0.00268EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/29 5:0 p.m.3 views

CVE-2026-7393 SourceCodester Pizzafy Ecommerce System File Extension admin_class_novo.php save_menu unrestricted upload

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.8 views

SourceCodester Pizzafy Ecommerce System 访问控制错误漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability related to access control. This vulnerability arises from improper handling of the img parameter in...

5.8CVSS5.7AI score0.00268EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.5 views

PT-2026-35959

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save menu of the file /admin/admin class novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/04/27 1:22 p.m.5 views

CVE-2026-6990

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...

5.1CVSS3.6AI score0.00249EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/25 5:30 p.m.5 views

EUVD-2026-25666

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...

5.1CVSS3.6AI score0.00249EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/25 5:30 p.m.4 views

CVE-2026-6990

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...

5.1CVSS3.6AI score0.00249EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/04/25 5:30 p.m.33 views

CVE-2026-6990 projeto-siga novo cross site scripting

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...

5.1CVSS0.00249EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/25 12:0 a.m.10 views

Siga 跨站脚本漏洞

Siga is an open-source administrative management system developed by projeto-siga, supporting document, process, identity, knowledge, and service management. Version 11.0.3.18 of Siga contains a cross-site scripting vulnerability. This vulnerability stems from an unknown function in the file...

5.1CVSS5.5AI score0.00249EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:0 p.m.9 views

CVE-2026-33135

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS6AI score0.00224EPSS
Exploits1References1
NVD
NVD
added 2026/03/20 11:18 a.m.8 views

CVE-2026-33135

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS0.00224EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/20 10:38 a.m.23 views

CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS0.00224EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/20 10:38 a.m.4 views

EUVD-2026-13680

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS6AI score0.00224EPSS
Exploits1References3
OSV
OSV
added 2026/03/20 10:38 a.m.3 views

CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS6.1AI score0.00224EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-50433

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.5 views

PT-2025-39356

🔵 Mangati NovoSGA, Cross-Site Scripting XSS, CVE-2025-40456 Low https://t.co/9VmFT9GHUe...

6.3AI score
Exploits0References1
OSV
OSV
added 2025/08/05 1:15 a.m.6 views

CVE-2025-8538

A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can be launched...

4.8CVSS6.2AI score0.00276EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.4 views

Portábilis i-Educar 安全漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A security vulnerability exists in Portábilis i-Educar version 2.10, which stems from improper handling of the parameter name/description in the file /usuarios/tipos/novo, which could...

4.8CVSS3.8AI score0.00276EPSS
Exploits1References4
Rows per page
Query Builder