ZimaOS <= v1.2.4 - Sensitive Information Disclosure

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoints in ZimaOS, such as http:///v1/users/image?path=/var/lib/casaos/1/apporder.json and http:///v1/users/image?path=/var/lib/casaos/1/system.json,...

Landray EKP - Path Traversal

A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sysuicomponent/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to...

Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal

The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...

Vendure - Arbitrary File Read

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

Kyocera TASKalfa printer - Path Traversal

CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. id: CVE-2023-34259 info: name: Kyocera TASKalfa printer - Path...

Online Piggery Management System v1.0 - Unauthenticated File Upload

Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to add-pig.php. id: CVE-2023-37629 info: name: Online Piggery Management System v1.0 - Unauthenticated File Upload author: Harsh severity: critical descriptio...

PHP Login System 2.0.1 - Cross-Site Scripting

msaad1999's PHP-Login-System 2.0.1 contains a reflected cross-site scripting caused by unsanitized input in 'validator' parameter in /reset-password, letting remote attackers execute arbitrary JavaScript in a user's browser, exploit requires attacker to craft malicious URL id: CVE-2023-38875 info...

LMS by Masteriyo < 1.6.8 - Information Exposure

The plugin does not properly safeguards sensitive user information, like other user's email addresses, making it possible for any students to leak them via some of the plugin's REST API endpoints. id: CVE-2023-3345 info: name: LMS by Masteriyo 1.6.8 - Information Exposure author: DhiyaneshDK...

System Dashboard < 2.8.10 - Cross-Site Scripting

The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress configurations to perform Cross-Site Scripting attacks through header injection, specifically in the X-Forwarded-For header. id: CVE-2023-7246...

Purchase Order Management v1.0 - Cross Site Scripting (Reflected)

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...

Hoteldruid v3.0.5 - SQL Injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the idutentelog parameter at /hoteldruid/personalizza.php. id: CVE-2023-43374 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...

PHPJabbers Bus Reservation System 1.1 - Cross-Site Scripting

A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index/pickupid leads to cross site scripting. The attack may be launched remotely. id:...

St. Joe ERP system - SQL Injection

A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into...

Microfinance Management System 1.0 - SQL Injection

Microfinance Management System 1.0 is susceptible to SQL Injection. id: CVE-2022-27927 info: name: Microfinance Management System 1.0 - SQL Injection author: lucasljm2001,ekrause severity: critical description: | Microfinance Management System 1.0 is susceptible to SQL Injection. impact: |...

Vehicle Service Management System - Stored Cross-Site Scripting

A Stored Cross Site Scripting XSS vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. id: CVE-2021-46068 info: name: Vehicle Service Management System - Stored Cross-Site Scripting author: TenBird severity: medium description: | A Stored Cross...

Doctor Appointment System 1.0 - SQL Injection

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. id: CVE-2021-27320 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind S...

Slims9 Bulian 9.4.2 - SQL Injection

Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. id: CVE-2021-45793 info: name: Slims9 Bulian 9.4.2 - SQL Injection author: nblirwn severity: high description: | Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data c...

Doctor Appointment System 1.0 - SQL Injection

Blind SQL injection in contactus.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via lastname parameter. id: CVE-2021-27316 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind SQ...

11in1 CMS 1.2.1 - Local File Inclusion (LFI)

Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. dot dot in the class parameter to 1 index.php or 2 admin/index.php. id: CVE-2012-0996 info: name: 11in1 CMS 1.2.1 - Local File Inclusion LFI author: daffainfo...

Doctor Appointment System 1.0 - SQL Injection

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter. id: CVE-2021-27315 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind...