Lucene search
K

61 matches found

Cvelist
Cvelist
added 2025/04/14 7:0 a.m.28 views

CVE-2025-3555 ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication

A vulnerability classified as problematic has been found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected is an unknown function of the file /login.php. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack remotely. The...

6.3CVSS0.00872EPSS
Exploits1References5
CVE
CVE
added 2025/04/04 3:0 a.m.57 views

CVE-2025-3205

CVE-2025-3205 affects CodeAstro Student Grading System 1.0. The vulnerability is in the studentsubject.php file, where manipulating the studentId parameter leads to SQL injection. Exploitation can be performed remotely via a network attack, and the exploit has been publicly disclosed. There is no...

8.8CVSS7.6AI score0.00418EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/04/03 8:0 p.m.77 views

CVE-2025-3177

Concerning CVE-2025-3177, multiple connected sources confirm a vulnerability in FastCMS 0.1.5 affecting the JWT Handler component, specifically the use of a hard-coded cryptographic key. Access is remote, attack complexity is high, and no privileges are required. The Public disclosure status is n...

8.1CVSS7.2AI score0.00427EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/03/31 10:0 a.m.28 views

CVE-2025-2990 Tenda FH1202 Web Management Interface AdvSetWrlGstset access control

A vulnerability was found in Tenda FH1202 1.2.0.14408. It has been rated as critical. This issue affects some unknown processing of the file /goform/AdvSetWrlGstset of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely...

6.9CVSS0.00597EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/03/24 4:0 a.m.6 views

CVE-2025-2682 PHPGurukul Bank Locker Management System edit-subadmin.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown part of the file /edit-subadmin.php?said=3. The manipulation of the argument mobilenumber leads to sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS7.7AI score0.00446EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/03/17 5:0 p.m.9 views

CVE-2025-2386 PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injection

A vulnerability was found in PHPGurukul Local Services Search Engine Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /serviceman-search.php. The manipulation of the argument location leads to sql injection. The attack may be initiated...

7.5CVSS7.5AI score0.00491EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/03/09 4:0 p.m.37 views

CVE-2025-2125 Control iD RH iD PDF Document companyId resource injection

A vulnerability has been found in Control iD RH iD 25.2.25.0 and classified as problematic. This vulnerability affects unknown code of the file /v2/report.svc/comprovantemarcacao/?companyId=1 of the component PDF Document Handler. The manipulation of the argument nsr leads to improper control of...

5.3CVSS0.0032EPSS
Exploits0References4
CVE
CVE
added 2025/03/07 12:0 p.m.61 views

CVE-2025-2084

CVE-2025-2084 concerns a cross-site scripting vulnerability in PHPGurukul’s Human Metapneumovirus Testing Management System 1.0. The affected component is the Search Report Page’s file /search-report.php, where an unknown function is manipulated to trigger XSS. The vulnerability is exploitable re...

6.1CVSS6.5AI score0.00336EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2013-0339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or...

6.8CVSS8.1AI score0.03609EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2016-4538

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considerin...

9.8CVSS8AI score0.06229EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2016-2554

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of servi...

10CVSS8.3AI score0.10997EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/17 7:0 a.m.9 views

CVE-2025-1380 Codezips Gym Management System del_plan.php sql injection

A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /dashboard/admin/delplan.php. The manipulation of the argument name leads to sql injection. The attack may be launched remotely. The exploit...

6.5CVSS6.8AI score0.00478EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/13 12:38 a.m.11 views

CVE-2025-25526

Buffer overflow vulnerability in Mercury MIPC552W Camera v1.0 due to the lack of length verification, which is related to the configuration of the PPTP server. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

5.1CVSS7.7AI score0.00243EPSS
Exploits0References1
CVE
CVE
added 2025/02/02 3:31 p.m.73 views

CVE-2025-0967

CVE-2025-0967 affects Code-Projects Chat System 1.0. The vulnerability is a SQL injection in the file /user/add_chatroom.php, caused by unsafely handling the chatname/chatpass parameters. The issue is exploitable remotely and could allow an attacker to manipulate SQL statements, potentially expos...

7.5CVSS6.8AI score0.00582EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/01/05 12:15 p.m.40 views

CVE-2024-13140

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=uploadcover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launc...

5.4CVSS0.0032EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2013/05/14 5:49 p.m.5 views

ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...

10CVSS6.7AI score0.08869EPSS
Exploits0References4
OSV
OSV
added 2011/02/03 5:0 p.m.10 views

CVE-2010-4727

Smarty before 3.0.0 beta 7 does not properly handle the tags, which has unspecified impact and remote attack vectors...

6.9AI score
Exploits0References1
OSV
OSV
added 2011/02/03 5:0 p.m.7 views

CVE-2010-4722

Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors...

6.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2007/06/29 12:0 a.m.6 views

PT-2007-4751 · Microsoft · Office Excel

Name of the Vulnerable Software and Affected Versions: Microsoft Excel version 2003 SP2 Description: The issue is related to an unspecified vulnerability in Microsoft Excel, potentially connected to the sheet name. It may allow remote attackers to have an unknown impact via unspecified vectors...

7.5CVSS7.1AI score0.36551EPSS
Exploits1References11
NVD
NVD
added 2001/11/21 5:0 a.m.24 views

CVE-2001-0911

PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it...

7.5CVSS6.9AI score0.03871EPSS
Exploits0References3
Rows per page
Query Builder