247 matches found
491-Project SQL Injection Vulnerability
491-Project is a project by the individual developer of purpleparrots. 491-Project suffers from a SQL injection vulnerability that stems from a problem with unknown code in the update.php file of the component Highscore Handler, which can lead to SQL injection...
Surpass Path Traversal Vulnerability
Surpass is a PHP package developed primarily for Laravel by the individual developer Sukohi Kuhoh. It is used to manage uploading images and displaying thumbnails using Ajax. A path traversal vulnerability exists in Surpass versions prior to 1.0.0, which stems from unknown code in the file...
Loan Management System SQL Injection Vulnerability
Loan Management System is a loan management system by the individual developer razormist. A SQL injection vulnerability exists in Loan Management System version 1.0, which originates from unknown code in the file login.php that manipulates the parameter username to cause SQL injection...
Pear Programming Cross-Site Scripting Vulnerability
Pear Programming is a project developed into a global hackathon by the individual developer Mauricio Soares. Pear Programming suffers from a cross-site scripting vulnerability that stems from an issue with unknown code in the js/roomElement.js file in the component Main Page, which can lead to...
CVE-2022-4877 snoyberg keter Proxy.hs cross site scripting
A vulnerability has been found in snoyberg keter up to 1.8.1 and classified as problematic. This vulnerability affects unknown code of the file Keter/Proxy.hs. The manipulation of the argument host leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.8.2 is...
Progetto-Complementi SQL Injection Vulnerability
Progetto-Complementi is a supplemental course program for college web technologies by individual developer Michael Soprano. Progetto-Complementi suffers from a SQL injection vulnerability that stems from a problem with unknown code that can lead to SQL injection...
Artaxerxes Information Disclosure Vulnerability
Artaxerxes is an Evolution Events open source evolutionary event information system. Artaxerxes suffers from an information disclosure vulnerability that stems from unknown code in the arta/common/middleware.py file of its POST Parameter Handler component that manipulates the parameter password...
jgit-cookbook Security Vulnerability
jgit-cookbook is a library by individual developer Dominik Stadler. It is used to provide examples and code snippets for the JGit Java Git implementation. A security vulnerability exists in jgit-cookbook, which originates from unknown code whose manipulation leads to insecure temporary files...
PT-2022-28042 · Unknown +2 · Graphite Web +2
Name of the Vulnerable Software and Affected Versions: Graphite Web affected versions not specified Description: A problem has been found in Graphite Web that affects unknown code of the Cookie Handler component. This issue leads to cross-site scripting and can be initiated remotely. The exploit...
CVE-2022-3875
A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely...
OWASP NodeGoat Security Vulnerability
OWASP NodeGoat is a project of the OWASP Foundation in the United States. It provides an environment to learn how the OWASP Top 10 security risks apply to web applications developed using Node. OWASP NodeGoat suffers from a security vulnerability that results in a denial of service due to unknown...
CVE-2020-36610
A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier ...
PT-2022-26561 · Unknown · Shaoxing Background Management System
Name of the Vulnerable Software and Affected Versions: Shaoxing Background Management System affected versions not specified Description: A critical issue has been found in the system, affecting unknown code in the file /Default/Bd. The manipulation of the id argument leads to SQL injection. This...
ForU CMS Cross-Site Scripting Vulnerability
ForU CMS is a website builder system by ForU Open Source. A security vulnerability exists in ForU CMS that originates from unknown code in cmschip.php. An attacker can exploit the vulnerability to cause cross-site scripting through manipulation of parameter names...
Canteen Management System SQL Injection Vulnerability
Canteen Management System is a cafeteria management system by individual developer Mayuri K. A security vulnerability exists in Canteen Management System version 1.0, which stems from unknown code in the file login.php; manipulation of the parameter business may result in SQL...
CVE-2022-3548
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be...
Media Links Routers Authorization Issue Vulnerability
Media Links routers are a series of wireless routers from the Japanese company Media Links. Media Links routers contain an authorization issue vulnerability that originates from unknown code in index.asp, which can be exploited by an attacker to bypass the login screen and gain unauthorized acces...
CVE-2022-3014
A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. This vulnerability affects unknown code. The manipulation of the argument studentadd leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is...
Simple Online Book Store System Code Issue Vulnerability
Simple Online Book Store System is a simple online bookstore system by individual developer Carlo Montero. Simple Online Book Store System has a code issue vulnerability that stems from unknown code in its Admin add.php component that could lead to an unrestricted upload by a remote attacker...
TrueConf Server Cross-Site Scripting Vulnerability (CNVD-2022-53542)
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. Version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...