Lucene search
K

543 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.37 views

EUVD-2024-3257

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00396EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-35108

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00852EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-17435

Malicious code in bioql PyPI...

9.8CVSS5.6AI score0.00808EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/09/11 12:0 p.m.5 views

php: Leak partial content of the heap through heap buffer over-read in mysqlnd

A flaw was found in the PHP MySQL client library. This vulnerability allows a hostile MySQL server to disclose the content of the client's heap, potentially exposing data from other SQL requests and other users of the same server via malicious server interactions...

5.8CVSS5.8AI score0.02286EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.12 views

PT-2025-30360 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: LibreNMS versions 25.6.0 and below Description: LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring system. Versions 25.6.0 and below contain an architectural vulnerability in the /ajax form.php endpoint that permits Remot...

7.5CVSS6.9AI score0.00804EPSS
Exploits1References16
CVE
CVE
added 2025/07/07 12:0 a.m.25 views

CVE-2025-45065

CVE-2025-45065 concerns a SQL injection in the Loginerms.php endpoint of the Employee Record Management System in PHP and MySQL v1. The vulnerability affects the loginerms.php component, arising from insufficient input handling, allowing potentially arbitrary SQL execution. Impact as stated: high...

9.8CVSS7.9AI score0.00368EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/27 12:16 a.m.10 views

CVE-2024-27685

SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information via a crafted payload to the $cshortname, $cfullname, and $cdate variables...

7.1CVSS7.2AI score0.00282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.18 views

CVE-2024-47528

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting XSS can be achieved by uploading a new Background for a Custom Map. Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload...

4.8CVSS5.2AI score0.00377EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 10:16 a.m.9 views

CVE-2024-30986

Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter...

6.5CVSS7.4AI score0.00429EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:40 a.m.8 views

CVE-2024-1702

A vulnerability was found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /edit.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the publi...

9.8CVSS7.2AI score0.00662EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:34 a.m.18 views

CVE-2024-50352

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Services" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when adding a service to a devic...

5.4CVSS5.5AI score0.36747EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:22 a.m.6 views

CVE-2024-1701

A vulnerability has been found in keerti1924 PHP-MYSQL-User-Login-System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been...

9.8CVSS5.8AI score0.00808EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:21 a.m.13 views

CVE-2024-1700

A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument username with the input leads to cross site scripting. It is possible to launch the attack...

5.4CVSS6.1AI score0.00584EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.14 views

CVE-2024-51494

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability...

5.4CVSS5.2AI score0.00396EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:4 a.m.16 views

CVE-2024-51496

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting XSS vulnerability in the "metric" parameter of the "/wireless" and "/health" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of...

5.4CVSS5.4AI score0.00403EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:52 a.m.7 views

CVE-2024-24041

A stored cross-site scripting XSS vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php...

6.1CVSS6AI score0.0046EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:47 a.m.9 views

CVE-2024-40392

SourceCodester Pharmacy/Medical Store Point of Sale System Using PHP/MySQL and Bootstrap Framework with Source Code 1.0 was discovered to contain a SQL injection vulnerability via the name parameter under addnew.php...

9.8CVSS9.9AI score0.00502EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:47 a.m.7 views

CVE-2024-40394

Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php...

9.8CVSS9.6AI score0.00652EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:22 a.m.12 views

CVE-2024-2265

A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion of sensitive information in source code. It is possible to initiate the attack remotely. The explo...

7.5CVSS6.4AI score0.0083EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:41 a.m.11 views

CVE-2023-39518

social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3...

5.4CVSS6AI score0.00407EPSS
Exploits0
Rows per page
Query Builder