Lucene search
K

5 matches found

CVE
CVE
added 2026/06/18 10:21 a.m.30 views

CVE-2026-54419

PIAF-HMS (PBX-In-A-Flash Hotel Management System) contains multiple unauthenticated SQL injection vulnerabilities. The app has no authentication and passes user-supplied HTTP parameters directly into deprecated mysql_query() calls via string concatenation, without sanitization, escaping, or param...

9.8CVSS5.8AI score0.00587EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.19 views

CVE-2019-12741

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...

6.1CVSS5.7AI score0.01268EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Database
added 2019/06/05 12:0 a.m.79 views

Cross-site Scripting

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafted URL. This...

6.1CVSS2.5AI score0.01268EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2018/10/15 12:0 a.m.558 views

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13, OS: necov1.8-0-g7ffe5b3, Hardware: Flir Systems Ne...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/12/01 12:0 a.m.92 views

Artica Web Proxy 3.06 - Remote Code Execution

Credits: John Page aka Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt + ISR: ApparitionSec Vendor: ======= www.articatech.com Product: ========= Artica Web Proxy v.3.06.112216...

9CVSS9.2AI score0.08708EPSS
Exploits6
Rows per page
Query Builder