Lucene search
K

10 matches found

Vulnrichment
Vulnrichment
added 2025/07/30 11:2 p.m.2 views

CVE-2025-8337 code-projects Simple Car Rental System add_vehicles.php cross site scripting

A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/addvehicles.php. The manipulation of the argument carname leads to cross site scripting. The attack may be initiated...

4.8CVSS3.3AI score0.00237EPSS
Exploits1References5
CVE
CVE
added 2025/07/30 11:2 p.m.26 views

CVE-2025-8337

CVE-2025-8337 affects Code-Projects Simple Car Rental System 1.0. The vulnerability is in the file /admin/add_vehicles.php where manipulation of the car_name argument can lead to a cross-site scripting (XSS) vulnerability. The attack can be initiated remotely and exploits have been publicly discl...

5.4CVSS3.5AI score0.00237EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/18 5:0 p.m.7 views

CVE-2025-4888 code-projects Pharmacy Management System Add Order Details take_order buffer overflow

A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. This affects the function medicineType::takeorder of the component Add Order Details. The manipulation leads to buffer overflow. An attack has to be approached locally. The exploit has be...

5.3CVSS5.5AI score0.00277EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/11 9:0 p.m.35 views

CVE-2025-4547 SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely...

4.8CVSS0.00307EPSS
Exploits1References5
CVE
CVE
added 2025/04/04 11:31 a.m.61 views

CVE-2025-3244

CVE-2025-3244 affects SourceCodester Web-based Pharmacy Product Management System 1.0. The vulnerability is in the Create User Page’s file /add-admin.php, where manipulation of the Avatar parameter enables unrestricted file upload, with remote exploitation reported. Several connected sources conf...

8.8CVSS6.4AI score0.00514EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/03 7:0 a.m.12 views

CVE-2025-3147 PHPGurukul Boat Booking System add-subadmin.php sql injection

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. The attack can be initiated remotely. The exploit has bee...

7.5CVSS7.8AI score0.00514EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Mysiteforme 安全漏洞

Mysiteforme is a permissions management system for wangl1989 individual developers. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01, which stems from the inclusion of a fastjson deserialization vulnerability discovered via the component system/table/add...

9.1CVSS6.8AI score0.00494EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2021/10/26 3:44 p.m.26 views

Mozilla Firefox Blocks Malicious Add-ons Installed by 455K Users

Mozilla’s Firefox team has blocked add-ons that were abusing the proxy API in order to prevent around 455,000 users from updating their browsers. In a Monday post, Mozilla’s development team members Rachel Tublitz and Stuart Colville said that they’d discovered the misbehaving add-ons in early...

6.8AI score
Exploits0References12
Malwarebytes
Malwarebytes
added 2021/10/26 1:43 p.m.23 views

Patch now to bypass Firefox add-ons that abuse the proxy API to deny updates

In a Firefox security announcement, Mozilla said 455,000 users have downloaded Firefox add-ons that interfere with how they connect to the internet. The interference in itself was not the deciding factor, however. The add-ons abused the proxy API to prevent users who had installed them from...

Exploits0
The Hacker News
The Hacker News
added 2021/10/26 7:41 a.m.27 views

Malicious Firefox Add-ons Block Browser From Downloading Security Updates

Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser. The two extensions in question, named Bypass and Bypass XM, "interfered with Firefox in a way that prevented users w...

1.1AI score
Exploits0
Rows per page
Query Builder