KodExplorer 跨站请求伪造漏洞

KodExplorer is a web file manager by warlee personal developer. A cross-site request forgery vulnerability exists in KodExplorer versions prior to 4.49, which stems from the presence of an unknown function that leads to a cross-site request forgery vulnerability. No details of the vulnerability a...

CVE-2023-2220

A vulnerability was found in Dream Technology mica up to 3.0.5. It has been classified as problematic. Affected is an unknown function of the component Form Object Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-226986 is the identifier...

IBOS SQL注入漏洞

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS v4.5.5, which originates from the presence of an unknown function in the path file/personal/del&op=recycle, which leads to a sql injection via the parameter fids...

Sourcecodester Vehicle Service Management System SQL注入漏洞

Sourcecodester Vehicle Service Management System is an open source PHP project. A simple web application for automotive repair/service stores or businesses. SourceCodester Vehicle Service Management System version 1.0 SQL injection vulnerability , the vulnerability stems from the path...

OTCMS 代码问题漏洞

OTCMS Nettie CMS is an article-based web content management system CMS. A security vulnerability exists in OTCMS version 6.0.1, which originates from an unknown function in the file sysCheckFile.php?mudi=sql, resulting in unrestricted uploads...

Simple and Beautiful Shopping Cart System 代码问题漏洞

Simple and Beautiful Shopping Cart System is an e-commerce platform. A code issue exists in version 1.0 of the Simple and Beautiful Shopping Cart System, which stems from a security issue with an unknown function in the file uploadera.php that results in unrestricted uploads...

Watchdog Antivirus 访问控制错误漏洞

Watchdog Antivirus is an anti-malware program from Watchdog. designed to neutralize viruses, Trojans, rootkits, worms, spyware and adware. Watchdog Anti-Virus version 1.4.214.0 suffers from an Access Control Error vulnerability that stems from the presence of an unknown function in the library...

GPAC 资源管理错误漏洞

GPAC is an open source multimedia framework. A resource management error vulnerability exists in GPAC version 2.3-DEV-rev35-gbbca86917-master, which stems from the presence of an unknown function in the file filters/loadtext.c, resulting in a buffer overflow...

Online Food Ordering System 访问控制错误漏洞

Online Food Ordering System is an online food ordering system by Carlo Montero, an individual developer. An access control error vulnerability exists in SourceCodester Online Food Ordering System version 2.0, which stems from the presence of an unknown function in the file...

CVE-2023-1416

A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an unknown function of the file adminHome.php. The manipulation of the argument socialfacebook leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2023-1353 SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System verification.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. Affected is an unknown function of the file verification.php. The manipulation of the argument txtvaccinationID leads to cross site scriptin...

PT-2023-16921 · Sourcecodester · Covid-19 Directory On Vaccination System

Name of the Vulnerable Software and Affected Versions: SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System version 1.0 Description: A problematic issue was found in the system, affecting an unknown function of the file verification.php. The manipulation of the...

Sql injection

A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=user/manage. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of...

SourceCodester Doctors Appointment System SQL注入漏洞

SourceCodester Doctor Appointment System is an application from SourceCodester USA. It provides an appointment scheduling feature. A SQL injection vulnerability exists in the SourceCodester Doctors Appointment System version 1.0, which originates from a security issue with an unknown function in...

Information disclosure

A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. Continiou...

Auto Dealer Management System 安全漏洞

Auto Dealer Management System is an automobile dealer management system by Carlo Montero Personal Developer. A security vulnerability exists in Auto Dealer Management System version 1.0, which stems from a problem with an unknown function in the file /adms/classes/Users.php that could lead to...

PT-2023-10343 · Unknown · Doomsider Shadow

Name of the Vulnerable Software and Affected Versions: doomsider shadow affected versions not specified Description: A vulnerability was found in doomsider shadow, classified as problematic, affecting an unknown function. The manipulation leads to denial of service, requiring a local attack. The...

CVE-2023-0905

A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has...

Information disclosure

A vulnerability was found in CodenameOne 7.0.70. It has been classified as problematic. Affected is an unknown function. The manipulation leads to use of implicit intent for sensitive communication. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

Online Eyewear Shop SQL注入漏洞

Online Eyewear Shop is an online eyewear store by Carlo Montero, a personal developer. A SQL injection vulnerability exists in Online Eyewear Shop version 1.0 due to an unknown function in the file oews/products/viewproduct.php, which can be used for SQL injection via the parameters name/pwd...