14 matches found
PT-2025-28358 · Unknown · Code-Projects Crime Reporting System
Name of the Vulnerable Software and Affected Versions: code-projects Crime Reporting System version 1.0 Description: A critical issue affects the processing of the file /userlogin.php. The manipulation of the email argument leads to SQL injection. The attack can be initiated remotely...
PT-2025-25494 · IBM · IBM Security Verify Directory Container
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Directory Container versions 10.0.0.0 through 10.0.3.1 Description: The issue allows a local user to execute commands as root due to execution with unnecessary privileges. This is related to the execution of commands with...
PT-2025-23615 · Erupt · Erupt
Name of the Vulnerable Software and Affected Versions: erupt version 1.12.19 Description: The issue is related to an arbitrary file upload vulnerability in the /upload/GoodsCategory/image component, which allows attackers to execute arbitrary code by uploading a crafted file. Recommendations: For...
PT-2025-19779 · Hope-Boot · Hope-Boot
Name of the Vulnerable Software and Affected Versions: hope-boot version 1.0.0 Description: The issue is related to incorrect access control in the "/user/edit/" component, which allows attackers to bypass authentication by sending a crafted GET request. Recommendations: For hope-boot version...
PT-2025-4760 · Linksys · Linksys E5600 Router
Name of the Vulnerable Software and Affected Versions: Linksys E5600 Router version 1.1.0.26 Description: A stored cross-site scripting (XSS) vulnerability in the spf table content component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc...
PT-2024-29431 · CADClick · CADClick
Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A reflected cross-site scripting (XSS) vulnerability is present in "Artikel.aspx" in CADClick, allowing remote attackers to inject arbitrary web script or HTML via the searchindex parameter. Thi...
PT-2023-29077 · ZPE Systems · Nodegrid OS
Name of the Vulnerable Software and Affected Versions: ZPE Systems, Inc Nodegrid OS versions 5.8.10 through 5.8.13; ZPE Systems, Inc Nodegrid OS versions 5.10.3 through 5.10.5 Description: An issue in the TACACS+ server component allows a remote attacker to obtain sensitive information...
PT-2023-27335 · Unknown · Welcart e-Commerce
Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce versions 2.7 to 2.8.21 Description: The issue allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory. Recommendations: For Welcart e-Commerce versions 2.7 to 2.8.21, consider...
PT-2023-5188 · Unknown · QMS Automotive
Name of the Vulnerable Software and Affected Versions: QMS Automotive versions prior to V12.39 Description: A vulnerability has been identified in the affected application, allowing users to upload arbitrary file types. This could allow an attacker to upload malicious files, potentially leading t...
PT-2023-27996 · CouchCMS · CouchCMS
Name of the Vulnerable Software and Affected Versions: CouchCMS version 2.3 Description: An open redirect issue exists in the sanitize url parameter, allowing attackers to redirect users to arbitrary websites via crafted URLs. Recommendations: For CouchCMS version 2.3, consider disabling the...
PT-2023-12675 · openSUSE · openSUSE
Name of the Vulnerable Software and Affected Versions: openSUSE paste versions prior to b57b9f87e303a3db9465776e657378e96845493b Description: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') issue allows remote attackers to place JavaScript into SVG files...
PT-2022-5988 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.14 and earlier Description: The issue is a reflected Cross-Site Scripting (XSS) vulnerability. It can be exploited if an attacker convinces a victim to visit a URL referencing a vulnerable page, allowing...
PT-2022-26800 · Open5GS · Open5GS
Name of the Vulnerable Software and Affected Versions: open5gs version 2.4.11 Description: The issue is related to a memory leak in the ngap-handler.c component. This allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment. Recommendations: For open5gs version 2.4.11, consid...
PT-2022-22589 · Joplin · Joplin
Name of the Vulnerable Software and Affected Versions: Joplin version 2.8.8 Description: The issue allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. Recommendations: For Joplin version 2.8.8, consider restricting the injection of crafted payloads...