Lucene search
+L

1228 matches found

CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

PremSQL 代码注入漏洞

PremSQL is an AI data analysis tool library for translating localized text into SQL, developed by Prem Open Source. Versions of PremSQL 0.2.1 and earlier contained a code injection vulnerability, which was caused by incorrect handling of the result parameter, potentially leading to code injection...

6.5CVSS6.7AI score0.00246EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/27 2:26 p.m.3 views

CVE-2021-27124

SQL injection in the expertise parameter in searchresult.php in Doctor Appointment System v1.0 allows an authenticated patient user to dump the database credentials via a SQL injection attack...

6.5CVSS6.7AI score0.05721EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 2:3 p.m.5 views

OESA-2026-1727 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT func:result elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regula...

3.1CVSS6AI score0.00264EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 2:3 p.m.3 views

OESA-2026-1726 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT func:result elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regula...

3.1CVSS5.8AI score0.00264EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 2:3 p.m.6 views

OESA-2026-1725 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT func:result elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regula...

3.1CVSS5.8AI score0.00264EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 2:3 p.m.5 views

OESA-2026-1724 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT func:result elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regula...

3.1CVSS5.8AI score0.00264EPSS
Exploits0References2
NVD
NVD
added 2026/03/27 1:16 a.m.7 views

CVE-2026-33729

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using conditions with caching enabled can result in two different check requests producing the same cache...

9.8CVSS0.00241EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.7 views

CVE-2026-3983

A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...

5.1CVSS4.2AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.7 views

CVE-2026-3982

A vulnerability was determined in itsourcecode University Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewresult.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack can be executed remotely. The exploit h...

5.3CVSS4AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.6 views

CVE-2026-3984

A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file saveupathlete.php. This manipulation of the argument aname causes cross site scripting. It is possible to initiate the attack remotely. Th...

5.1CVSS4.3AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.6 views

CVE-2026-4189

A weakness has been identified in phpipam up to 1.7.4. The impacted element is an unknown function of the file app/admin/sections/edit-result.php of the component Section Handler. Executing a manipulation of the argument subnetOrdering can lead to sql injection. The attack may be launched remotel...

5.8CVSS5.6AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2026/03/22 2:16 p.m.6 views

CVE-2019-25602

GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an...

6.8CVSS0.00113EPSS
Exploits0References3
OSV
OSV
added 2026/03/18 7:53 p.m.6 views

GHSA-64HM-GFWQ-JPPW Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

Summary The Allure report generator is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file -result.json, -container.json, or .plist that points an attachment source to a sensitive file on the host system. During repor...

8.6CVSS6AI score0.00539EPSS
Exploits1References3
NVD
NVD
added 2026/03/18 2:16 a.m.4 views

CVE-2026-4356

A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /addresult.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used...

4.8CVSS0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/18 1:2 a.m.4 views

EUVD-2026-12706

A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /addresult.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used...

4.8CVSS4AI score0.00202EPSS
Exploits0References5
CVE
CVE
added 2026/03/18 1:2 a.m.11 views

CVE-2026-4356

Affects itsourcecode University Management System 1.0. The vulnerability is in an unknown function of the file /add_result.php; manipulating the vr argument enables cross-site scripting. The attack can be conducted remotely and, per the sources, exploits have been published and may be used. No re...

4.8CVSS4AI score0.00202EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.7 views

PT-2026-26001

A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used...

4.8CVSS4AI score0.00202EPSS
Exploits0References9
EUVD
EUVD
added 2026/03/16 3:30 p.m.6 views

EUVD-2026-12249

A weakness has been identified in phpipam up to 1.7.4. The impacted element is an unknown function of the file app/admin/sections/edit-result.php of the component Section Handler. Executing a manipulation of the argument subnetOrdering can lead to sql injection. The attack may be launched remotel...

5.8CVSS5.7AI score0.00258EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:20 p.m.4 views

CVE-2026-4189

A weakness has been identified in phpipam up to 1.7.4. The impacted element is an unknown function of the file app/admin/sections/edit-result.php of the component Section Handler. Executing a manipulation of the argument subnetOrdering can lead to sql injection. The attack may be launched remotel...

5.8CVSS0.00258EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

phpIPAM SQL注入漏洞

phpIPAM is an open-source IP address management application IPAM based on PHP and MySQL. Versions of phpipam 1.7.4 and earlier have a SQL injection vulnerability. This vulnerability stems from incorrect handling of parameters in the file app/admin/sections/edit-result.php, specifically the...

5.8CVSS5.9AI score0.00258EPSS
Exploits0References4
Rows per page
Query Builder