Lucene search
K

70 matches found

CVE
CVE
added 6 days ago17 views

CVE-2026-51924

CVE-2026-51924 affects docuForm GmbH Client v.11.11c. A vulnerability in the file upload and report.php component allows a remote attacker to execute arbitrary code. Root cause: improper handling of uploaded files leading to code execution. Impacted product is documented; CVSSv3.1 base score 8.1 ...

8.1CVSS6.3AI score0.0033EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 4:15 a.m.34 views

CVE-2026-14796 CodeAstro Apartment Visitor Management System report.php sql injection

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.00204EPSS
Exploits0References6
CVE
CVE
added 2026/07/06 4:15 a.m.18 views

CVE-2026-14796

CVE-2026-14796 affects CodeAstro Apartment Visitor Management System 1.0. Affected component: /apartment-visitor/report.php; vulnerability: SQL injection triggered by manipulating the fromdate parameter. Attackable remotely over network with no user interaction; attacker privileges required: LOW....

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-3515

Malware in sbrugna...

7.5CVSS6.4AI score0.01689EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-4359

Malware in sbrugna...

7.5CVSS6.4AI score0.00997EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-3253

Malware in sbrugna...

7.5CVSS6.4AI score0.01114EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/27 8:32 p.m.16 views

CVE-2025-8241 1000 Projects ABC Courier Management System report.php sql injection

A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. This affects an unknown part of the file /report.php. The manipulation of the argument From leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS0.00498EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/16 3:0 p.m.19 views

CVE-2025-6127 PHPGurukul Nipah Virus Testing Management System search-report.php cross site scripting

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search-report.php. The manipulation of the argument serachdata leads to cross site scripting. The attack may be...

5.1CVSS0.00239EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/06/16 12:0 a.m.5 views

PT-2025-25566 · Unknown · Phpgurukul Nipah Virus Testing Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Nipah Virus Testing Management System version 1.0 Description: A vulnerability was found in the system, affecting some unknown functionality of the file /search-report.php. The manipulation of the serachdata argument leads to...

5.4CVSS3.8AI score0.00239EPSS
Exploits1References10
Cvelist
Cvelist
added 2025/05/27 5:0 a.m.18 views

CVE-2025-5232 PHPGurukul Student Study Center Management System report.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Student Study Center Management System 1.0. This issue affects some unknown processing of the file /admin/report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be initiate...

5.8CVSS0.00348EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:35 p.m.6 views

CVE-2022-2688

A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetchreportcredit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may b...

9.8CVSS7.5AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2025/04/06 10:0 a.m.78 views

CVE-2025-3315

The CVE-2025-3315 entry concerns SourceCodester Apartment Visitor Management System v1.0. Affected component: /view-report.php; root cause: improper handling of fromdate/todate parameters enables SQL injection. Impact is described as critical with potential remote exploitation and publicly disclo...

9.8CVSS7.5AI score0.00507EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.5 views

PT-2024-38701 · Unknown · Itsourcecode Project Expense Monitoring System

Name of the Vulnerable Software and Affected Versions: itsourcecode Project Expense Monitoring System version 1.0 Description: A critical vulnerability has been found in the itsourcecode Project Expense Monitoring System. This issue affects an unknown part of the file transferred report.php. The...

9.8CVSS8.4AI score0.00612EPSS
Exploits1References10
Veracode
Veracode
added 2023/11/13 9:14 a.m.28 views

Cross-site Scripting (XSS)

Moodle/moodle is vulnerable to Cross-Site Scripting XSS. This vulnerability exists in the report.php because it does not properly validate user input, allowing an attacker to inject and execute malicious JavaScript in the browser...

5.4CVSS6.4AI score0.01165EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/09 9:30 p.m.8 views

CVE-2023-1300 SourceCodester COVID 19 Testing Management System POST Parameter patient-report.php sql injection

A vulnerability classified as critical was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file patient-report.php of the component POST Parameter Handler. The manipulation of the argument searchdata leads to sql...

6.5CVSS7.7AI score0.00791EPSS
Exploits1References3
Prion
Prion
added 2022/08/06 6:15 p.m.20 views

Sql injection

A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetchreportcredit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may b...

7.5CVSS9.7AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2022/08/06 5:20 p.m.71 views

CVE-2022-2688

CVE-2022-2688 affects SourceCodester Expense Management System. The vulnerability resides in the POST Parameter Handler, specifically the fetch_report_credit function in report.php, where the from/to argument is manipulated, leading to a SQL injection. It is exploitable remotely and impacts confi...

9.8CVSS8.3AI score0.00475EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/07/08 12:0 a.m.28 views

PESCMS cross-site scripting vulnerability

A cross-site scripting vulnerability exists in PESCMS version V2.3.3, a content publishing platform. The vulnerability stems from App/Team/GET/Report.php missing a data validation filter for user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on t...

6.1CVSS3AI score0.00829EPSS
Exploits1References1
Veracode
Veracode
added 2022/03/15 6:59 a.m.34 views

Cross-site Scripting (XSS)

moodle/moodle is vulnerable to stored cross-site scripting. The vulnerability exists in getquestionheading function in report.php due to lack of sanitization which allows an attacker to inject and execute arbitrary javascript...

5.4CVSS3AI score0.00583EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2021/04/13 12:15 a.m.21 views

CVE-2021-30034

Cross Site Scripting XSS in Remote Clinic v2.0 via the Symptons field on patients/register-report.php...

5.4CVSS0.01773EPSS
Exploits4References2
Rows per page
Query Builder