233164 matches found
Fsas ServerView Agents security vulnerabilities
Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Fsas ServerView Agents for Windows versions 11.60.04 and earlier contain security vulnerabilities. These vulnerabilities stem from improper allocation of permissions for critical resource...
Student_Management_System_by_PHP SQL Injection Vulnerability
studentmanagementsystembyphp is a student information management tool developed by Raisul Islam, based on PHP. studentmanagementsystembyphp has a SQL injection vulnerability. This vulnerability arises from incorrect operations with parameters such as userid, courseid, teacherid, and studentid in...
SourceCodester Water Billing Management System Authorization Vulnerability
The SourceCodester Water Billing Management System is an open-source water billing management system developed by SourceCodester. Version 1.0 of the SourceCodester Water Billing Management System has a vulnerability related to authorization issues. This vulnerability stems from a problem with the...
PT-2026-45354
Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...
Student-Management-System security vulnerabilities
Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from incorrect operations with the parameter uid in the admin/ file within the Admin Endpoint component. This...
Fsas ServerView Agents security vulnerabilities
Fsas ServerView Agents is a server monitoring and management software developed by the Japanese company Fsas. Versions of Fsas ServerView Agents prior to V11.60.04 contain security vulnerabilities. These vulnerabilities stem from permission chain issues, which may allow local authenticated...
OFCMS SQL Injection Vulnerability
OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from an SQL injection in the Query function of the SystemParamController.java file within the JSON query interface...
Itsourcecode Online House Rental System SQL Injection Vulnerability
itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability arises from improper handling of parameter IDs in the...
MAL-2026-5111 Malicious code in @redhat-cloud-services/chrome (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
PT-2026-45405
A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /save comment.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...
PT-2026-45264
An improper neutralization of active SVG content in OTRS or OTRS Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent o...
Code-Projects Online Hospital Management System SQL Injection Vulnerability
Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the editid...
OFCMS SQL Injection Vulnerability
OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from the SQL injection in the Query function of the SystemDictController.java file within the JSON query interface...
SourceCodester Pharmacy Sales and Inventory System: Access Control Vulnerability
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a vulnerability related to access control. This vulnerability stems fro...
OFCMS SQL Injection Vulnerability
OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from an SQL injection in the Query function of the SysUserController.java file within the JSON query interface...
php-censor: Operating system command injection vulnerability
php-censor is a continuous integration server for the open-source PHP project PHP Censor. Versions of php-censor 2.1.6 and earlier contain an operating system command injection vulnerability. This vulnerability stems from incorrect handling of the commitId parameter in the file...
Itsourcecode Online House Rental System SQL Injection Vulnerability
itsourcecode Online House Rental System is an open-source online housing rental system developed by itsourcecode. Version 1.0 of the itsourcecode Online House Rental System has a SQL injection vulnerability. This vulnerability arises from improper handling of parameter IDs in the...
Code-Projects Hotel and Tourism Reservation System Code Injection Vulnerability
Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a code injection vulnerability. This vulnerability arises from unauthorized operations on...
goclaw operating system command injection vulnerability
Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier contained a vulnerability related to operating system command injection. This vulnerability originated from the FsBridge.WriteFile function in the internal/sandbox/fsbridge....
PT-2026-45404
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell statement of the file application/controllers/ShowForm.php. Such manipulation leads to improper access controls. The attack can be launched remotely. The...