Lucene search
K

8 matches found

MongoDB
MongoDB
added 2026/04/29 4:51 p.m.33 views

Flaw in the updateUser Command May Allow Unauthorized Configuration Change

An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another user account. This could affect how authentication is performed for the impacted account...

6.3CVSS5.3AI score0.00167EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.11 views

PT-2026-35957

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authorization flaw in the user management command allows an authenticated user to make limited changes to authentication-related data associated with another...

6.3CVSS5.8AI score0.00167EPSS
Exploits0References4
NVD
NVD
added 2025/12/08 6:15 a.m.7 views

CVE-2025-14218

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has be...

9.8CVSS0.00339EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/12/08 5:32 a.m.31 views

CVE-2025-14218 code-projects Currency Exchange System editotheraccount.php sql injection

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has be...

7.5CVSS0.00339EPSS
Exploits1References5
CVE
CVE
added 2025/12/08 5:32 a.m.13 views

CVE-2025-14218

CVE-2025-14218 affects code-projects Currency Exchange System version 1.0, specifically the /editotheraccount.php file. The vulnerability arises from an injectable ID parameter in an unknown function, enabling SQL injection that can be exploited remotely. Multiple connected sources reiterate that...

9.8CVSS6.7AI score0.00339EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/08 5:32 a.m.2 views

CVE-2025-14218 code-projects Currency Exchange System editotheraccount.php sql injection

A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has be...

7.5CVSS6.7AI score0.00339EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.6 views

PT-2025-49508

Name of the Vulnerable Software and Affected Versions code-projects Currency Exchange System version 1.0 Description A security flaw exists in code-projects Currency Exchange System version 1.0. The issue involves a SQL injection that can be triggered by manipulating the ID argument in the...

9.8CVSS7.5AI score0.00339EPSS
Exploits1References12
OSV
OSV
added 2019/08/01 5:15 p.m.2 views

CVE-2016-10831

cPanel before 55.9999.141 does not perform as two-factor authentication check when possessing another account SEC-101...

7.2CVSS5.8AI score0.01393EPSS
Exploits0References1
Rows per page
Query Builder