Lucene search
K

8094 matches found

CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

itsourcecode Free Hotel Reservation System SQL注入漏洞

itsourcecode Free Hotel Reservation System is an open-source hotel reservation system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the email parameter in the file /hotel/admin/login.php, which may lead...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability, which stems from the injection of SQL code through the filterusermail parameter. This vulnerability may lead to SQL injection attacks...

9.1CVSS5.9AI score0.00311EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.7 views

RealTerm Serial Terminal 缓冲区错误漏洞

RealTerm Serial Terminal is a terminal tool software developed by Crun, which supports serial communication, data capture, and debugging. Version 2.0.0.70 of RealTerm Serial Terminal contains a buffer error vulnerability. This vulnerability stems from structured exception handling that leads to a...

8.5CVSS6.2AI score0.00314EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.12 views

PT-2026-30496

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the menu lev1 parameter. Attackers can send crafted requests with malicious SQL payloads in the menu lev1 parameter to extract sensitive...

8.8CVSS6AI score0.00338EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...

9.1CVSS5.8AI score0.00311EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.7 views

PT-2026-30470

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

6.9CVSS6.2AI score0.00146EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

River Past Video Cleaner 缓冲区错误漏洞

River Past Video Cleaner is a software tool developed by River Past Corporation, designed for batch conversion and repair of video formats and timestamps. Version 7.6.3 of River Past Video Cleaner contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the...

8.6CVSS6.3AI score0.00202EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

KADOS SQL注入漏洞

KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...

9.1CVSS5.8AI score0.00311EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.10 views

PT-2026-30479

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame enc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exceptio...

8.6CVSS6.8AI score0.00202EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.11 views

Cross browser fingerprinting SQL注入漏洞

Cross browser fingerprinting is a cross-browser user tracking fingerprint library developed by Song Li as an individual developer. Cross browser fingerprinting has a SQL injection vulnerability, which stems from incorrect handling of parameter IDs in the flask/uniquemachineapp.py file. This...

8.6CVSS7.2AI score0.00376EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.8 views

PHPGurukul Online Shopping Portal Project SQL注入漏洞

The PHPGurukul Online Shopping Portal Project is an online shopping portal project of PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “fullname” in the...

6.5CVSS6.7AI score0.00246EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.10 views

PT-2026-30498

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id to modify' parameter. Attackers can send crafted requests with malicious SQL statements in the id to modify field to extract sensitive database...

8.8CVSS6AI score0.00311EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/04 3:30 p.m.3 views

EUVD-2018-21760

NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and...

9.8CVSS6.7AI score0.00914EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/04 3:30 p.m.2 views

EUVD-2018-21762

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...

8.6CVSS6.5AI score0.00185EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/04 3:30 p.m.4 views

EUVD-2018-21754

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

8.6CVSS6.5AI score0.00185EPSS
Exploits0References5
NVD
NVD
added 2026/04/04 2:16 p.m.6 views

CVE-2018-25254

NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and...

9.8CVSS0.00914EPSS
Exploits1References3
NVD
NVD
added 2026/04/04 2:16 p.m.5 views

CVE-2018-25255

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...

8.6CVSS0.00185EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/04 1:51 p.m.3 views

CVE-2018-25255

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...

8.6CVSS6.5AI score0.00185EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/04 1:51 p.m.9 views

CVE-2018-25255

10-Strike LANState 8.8 has a local buffer overflow in structured exception handling. An attacker can craft a malicious LSM map file with a payload in the ObjCaption parameter to overflow a buffer, overwrite the SEH chain, and execute shellcode when the file is opened in LANState. This vulnerabili...

8.6CVSS6.5AI score0.00185EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/04 1:51 p.m.21 views

CVE-2018-25255 10-Strike LANState 8.8 Local Buffer Overflow SEH

10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...

8.6CVSS0.00185EPSS
Exploits0References4
Rows per page
Query Builder