Lucene search
K

7 matches found

OSV
OSV
added 2026/02/20 4:22 p.m.5 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

9.8CVSS5.9AI score0.00917EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.7 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

9.8CVSS0.00917EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 12:0 a.m.2 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

5.9AI score0.00917EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/20 12:0 a.m.5 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

5.8AI score0.00917EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.5 views

PT-2026-21192

Name of the Vulnerable Software and Affected Versions Smanga version 3.2.7 Description The application does not properly sanitize user input in the mediaId parameter of the '/php/path/rescan.php' interface before it is used in a system shell command. This allows an unauthenticated attacker to...

5.5AI score0.00917EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:0 a.m.6 views

CVE-2023-36076

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php...

9.8CVSS8.7AI score0.02364EPSS
Exploits1
CNNVD
CNNVD
added 2023/09/01 12:0 a.m.4 views

Smanga SQL Injection Vulnerability

Smanga is a docker direct-installed comic streaming reading tool by lkw199711 individual developer. A SQL injection vulnerability exists in smanga 3.1.9 and earlier versions, which allows remote attackers to execute arbitrary code and obtain sensitive information via the mediaId, mangaId, and...

9.8CVSS8.5AI score0.02364EPSS
Exploits1References2
Rows per page
Query Builder