49 matches found

IBM Security Bulletins
added 2025/12/17 1:46 p.m., 5 views

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-43804, CVE-2023-45803]

Summary: The urllib3 package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-43804, CVE-2023-45803. Vulnerability Details: CVEID: CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...

CVSS 8.1, AI score 6.8, EPSS 0.0095
Exploits: 0, Affected Software: 1

OSV
added 2025/11/02 5:15 a.m., 3 views

CVE-2025-12593

A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...

CVSS 7.2, AI score 5.5, EPSS 0.00064
Exploits: 1, References: 5

Positive Technologies
added 2025/11/02 12:0 a.m., 4 views

PT-2025-44731

Name of the Vulnerable Software and Affected Versions: code-projects Simple Online Hotel Reservation System version 2.0 Description: A flaw exists in code-projects Simple Online Hotel Reservation System 2.0 that allows for unrestricted file uploads. This issue is located within the Photo Handler...

CVSS 7.2, AI score 6.2, EPSS 0.00064
Exploits: 1, References: 7

IBM Security Bulletins
added 2025/06/22 12:20 p.m., 5 views

Security Bulletin: Vulnerability in cryptography affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-2650, CVE-2023-4807, CVE-2023-3446]

Summary: The cryptography package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-2650, CVE-2023-4807, CVE-2023-3446. Vulnerability Details: CVEID: CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caus...

CVSS 7.8, AI score 7.6, EPSS 0.91789
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/06/18 6:8 p.m., 6 views

Security Bulletin: Vulnerability in cryptography affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-23931]

Summary: The cryptography package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-23931. Vulnerability Details: CVEID: CVE-2023-23931 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and...

CVSS 6.5, AI score 7.1, EPSS 0.00688
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2025/04/14 8:23 p.m., 14 views

Security Bulletin: Vulnerability in certifi affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-39689]

Summary: The certifi package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2024-39689. Vulnerability Details: CVEID: CVE-2024-39689 DESCRIPTION: Certifi is a curated collection of Root Certificates for validating the...

CVSS 7.5, AI score 9.2, EPSS 0.26297
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2025/02/25 1:3 p.m., 12 views

Security Bulletin: Vulnerability in gunicorn affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-1135]

Summary: The gunicorn package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-1135. Vulnerability Details: CVEID: CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP request smuggling, caused by improper parsing of the...

CVSS 7.5, AI score 5.6, EPSS 0.00085
Exploits: 0, Affected Software: 1

NVD
added 2024/09/07 2:15 p.m., 9 views

CVE-2024-8554

A vulnerability was found in SourceCodester Clinics Patient Management System 2.0 and classified as problematic. This issue affects some unknown processing of the file /users.php. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The...

CVSS 5.4, EPSS 0.00122
Exploits: 1, References: 5

Positive Technologies
added 2024/08/20 12:0 a.m., 1 view

PT-2024-30037 · Unknown · Warehouse Inventory System

Name of the Vulnerable Software and Affected Versions: Warehouse Inventory System version 2.0 Description: A Cross-Site Request Forgery (CSRF) issue in the edit categorie.php component allows attackers to escalate privileges. Recommendations: For Warehouse Inventory System version 2.0, consider...

CVSS 8.8, AI score 7.7, EPSS 0.0034
Exploits: 1, References: 5

IBM Security Bulletins
added 2024/03/13 7:42 a.m., 32 views

Security Bulletin: Vulnerability in babel affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2021-42771]

Summary: The babel package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2021-42771. Vulnerability Details: CVEID: CVE-2021-42771 DESCRIPTION: Python-Babel Babel could allow a local authenticated attacker to traverse directories o...

CVSS 7.8, AI score 7.8, EPSS 0.00169
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2024/03/11 1:16 p.m., 30 views

Security Bulletin: Vulnerability in Python-urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS2.0)

Summary: Python-urllib3 is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2020-26137, CVE-2020-7212, CVE-2021-33503. Vulnerability Details: CVEID: CVE-2020-26137 DESCRIPTION: urllib3 is vulnerable to CRLF injection. By inserting CR an...

CVSS 7.8, AI score 7.2, EPSS 0.01147
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2024/03/06 6:13 a.m., 26 views

Security Bulletin: Vulnerability in jetty-server affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-26048]

Summary: The jetty-server package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-26048. Vulnerability Details: CVEID: CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory...

CVSS 5.3, AI score 5.5, EPSS 0.43407
Exploits: 0, Affected Software: 1

NVD
added 2023/12/28 5:15 p.m., 14 views

CVE-2023-7132

A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /userregistration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with th...

CVSS 5.4, EPSS 0.0015
Exploits: 1, References: 3

Prion
added 2023/12/28 5:15 p.m., 14 views

Cross site scripting

A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /userregistration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with th...

CVSS 3.3, AI score 6.5, EPSS 0.0015
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2023/12/28 5:0 p.m., 38 views

CVE-2023-7132

CVE-2023-7132 affects code-projects Intern Membership Management System 2.0, specifically the User Registration component’s /user_registration/ path. The issue is a cross-site scripting vulnerability caused by reflecting manipulated values for userName, firstName, lastName, or userEmail, with pay...

CVSS 5.4, AI score 4.4, EPSS 0.0015
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2023/12/28 4:31 p.m., 41 views

CVE-2023-7131

CVE-2023-7131 affects code-projects Intern Membership Management System 2.0, specifically the User Registration component. The vulnerability resides in the /user_registration/ file where manipulating the userName argument enables SQL injection. Exploit details are publicly disclosed; no fix detai...

CVSS 9.8, AI score 8.2, EPSS 0.00123
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2023/12/26 2:31 a.m., 58 views

CVE-2023-7111

The CVE-2023-7111 entry describes a SQL injection in code-projects Library Management System 2.0, affecting the category parameter in index.php. Multiple connected sources confirm remote exploitation and public disclosure (VDB-249006). The underlying issue is lack of input validation in the categ...

CVSS 9.8, AI score 7.4, EPSS 0.00053
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2023/12/26 2:0 a.m., 44 views

CVE-2023-7110

CVE-2023-7110 affects code-projects Library Management System 2.0. The vulnerability resides in login.php where manipulation of the student parameter enables SQL injection. It is exploitable remotely and has been publicly disclosed. Affected software is Library Management System 2.0; root cause i...

CVSS 9.8, AI score 7.5, EPSS 0.00111
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2023/08/05 11:0 p.m., 54 views

CVE-2023-4172

CVE-2023-4172 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability arises from improper handling of the FileDirectory argument in the FileHandler.ashx (path/file processing), enabling absolute path traversal via a remote attack. Exploitation has been disclosed...

CVSS 7.5, AI score 6, EPSS 0.00156
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2023/07/21 1:0 a.m., 30 views

CVE-2023-3804

CVE-2023-3804 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. The vulnerability is in the file /Service/FileHandler.ashx, where manipulation of the argument userFile enables unrestricted upload. The exploit has been publicly disclosed. Several sources confirm this is a cod...

CVSS 9.8, AI score 7.7, EPSS 0.00112
Exploits: 1, References: 3, Affected Software: 1