
11 matches found

Cvelist
added 2026/06/12 1:0 p.m., 27 views

CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

CVSS 7.5, EPSS 0.00288
Exploits: 0, References: 6
CNNVD
added 2026/06/07 12:0 a.m., 10 views

JeeWMS Security Vulnerability

JeeWMS is a Java-based warehouse management system developed by JeeWMS Corporation in China. There is a security vulnerability in JeeWMS. This vulnerability stems from incorrect operations with parameters such as dbType/dbDriver/dbUrl/dbUsername/dbPassword in the JimuReport test-connection Endpoi...

CVSS 7.5, AI score 7.3, EPSS 0.00329
Exploits: 0, References: 5
CNNVD
added 2026/05/05 12:0 a.m., 11 views

itsourcecode Courier Management System Injection Vulnerability

itsourcecode Courier Management System is an open-source courier management system developed by itsourcecode. Version 1.0 of the itsourcecode Courier Management System has a vulnerability related to parameter handling in the file /printpdets.php, which may lead to SQL injection attacks...

CVSS 6.5, AI score 6.7, EPSS 0.00196
Exploits: 0, References: 1
CNNVD
added 2026/03/17 12:0 a.m., 5 views

Agent Zero Code Issue Vulnerability

Agent Zero is an artificial intelligence framework developed by Jan Tomášek. Version 0.9.7 of Agent Zero contains a code vulnerability caused by incorrect handling of parameters in the file python/helpers/documentquery.py. This vulnerability could lead to server-side request forgery...

CVSS 6.5, AI score 6.7, EPSS 0.00201
Exploits: 0, References: 5
NVD
added 2025/08/12 7:15 p.m., 14 views

CVE-2025-52970

An improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges o...

CVSS 8.1, EPSS 0.1067
Exploits: 4, References: 2
OSV
added 2025/08/12 7:15 p.m., 2 views

CVE-2025-52970

An improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges o...

CVSS 8.1, AI score 5.9, EPSS 0.1067
Exploits: 4, References: 2
CVE
added 2025/08/12 6:59 p.m., 90 views

CVE-2025-52970

Fortinet FortiWeb is affected by CVE-2025-52970 due to improper handling of parameters in FortiWeb versions 7.6.3 and below, 7.4.7 and below, 7.2.10 and below, and 7.0.10 and below. An unauthenticated remote attacker with non-public device information can gain admin privileges via a specially cra...

CVSS 8.1, AI score 7.3, EPSS 0.1067
In wild, Exploits: 4, References: 2, Affected Software: 1
CNNVD
added 2024/10/21 12:0 a.m., 5 views

Mitel MiCollab and Mitel MiVoice Code Injection Vulnerability

Mitel MiCollab and Mitel MiVoice are both products of Mitel Canada. Mitel MiCollab is a mobile application that provides voice, video, messaging, audio conferencing, and team collaboration for employees. Mitel MiVoice is an IP-capable telephone. A security vulnerability exists in Mitel MiCollab...

CVSS 8.8, AI score 7.2, EPSS 0.01268
Exploits: 0, References: 2
CNVD
added 2019/05/22 12:0 a.m., 2 views

Schneider Electric Modicon Illegal Breakpoint Parameter Denial of Service Vulnerability

The Schneider Electric Modicon M580 and M340 are programmable automation controllers. An illegal breakpoint parameter handling vulnerability exists in the Schneider Electric Modicon M580, M340, which allows remote attackers to exploit the vulnerability by submitting a special request, which can be...

CVSS 7.5, AI score 6.8, EPSS 0.02626
Exploits: 1, References: 1
CNVD
added 2018/09/25 12:0 a.m., 2 views

Code execution vulnerabilities in the PayOrderController page of the ShopsN open-source online store system

The free edition of ShopsN B2C e-commerce is a full-featured open-source online store system from Shanghai Yisu Network Technology Co., Ltd. that meets enterprise-level commercial standards and allows free commercial use. ShopsN v2.3.5 official version of the PayOrderController...

AI score 7.6
Exploits: 0
CNVD
added 2017/07/11 12:0 a.m., 4 views

niushop_b2c Pay.php has an XML entity injection vulnerability

Niushop open-source mall: the country's first that is free for commercial use, four-in-one, and 100% open source. The country's first B2B2C multi-user mall + WeChat micro-distribution + e-commerce platform investment operation + iOS, Android multi-platform client PHP open source e-commerce...

AI score 7.6
Exploits: 0