40817 matches found
PT-2026-47271
A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search staff to assign pc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...
Medium: libssh2
Issue Overview: A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name ...
PT-2026-47433
A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import users.php. The manipulation of the argument raw password wit...
PT-2026-47281
A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
PT-2026-47338
A vulnerability was detected in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to laun...
PT-2026-47452
A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been...
PT-2026-47202
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...
PT-2026-47266
This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could exploit this vulnerability by sending crafted path traversal sequences through the filename parameter to access arbitrary files...
PT-2026-47264
A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...
PT-2026-47282
A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passsword reset.php of the component Password Reset Handler. Such manipulation of the argument new password with the input...
PT-2026-47242
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. Impacted is an unknown function of the file beike/Admin/Routes/admin.php of the component Admin Design Builder Endpoint. Performing a manipulation of the argument settings.value results in sql injection. I...
PT-2026-47256
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...
PT-2026-47524
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Amazon Linux 2023 : libssh, libssh-config, libssh-devel (ALAS2023-2026-1759)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1759 advisory. A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name...
PT-2026-47250
Name of the Vulnerable Software and Affected Versions Simple Flight Ticket Booking System version 1.0 Description An issue exists in the POST Parameter Handler component within the checkUser.php file. Remote manipulation of the Username parameter allows for SQL injection, a technique where...
PT-2026-47525
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
PT-2026-47443
A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function of the file /attendance-php/index.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has bee...
PT-2026-47308
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
PT-2026-47270
A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete leave type.php. The manipulation of the argument leave type results in sql injection. The attack can be executed remotely. The exploit has been made public and could be us...
PT-2026-47279
A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...