Lucene search
+L

148 matches found

Cvelist
Cvelist
added 2025/10/11 2:32 p.m.11 views

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

6.5CVSS0.00332EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/10/11 2:32 p.m.9 views

CVE-2025-11605 code-projects Client Details System update-profile.php sql injection

A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

6.5CVSS6.8AI score0.00332EPSS
Exploits1References6
CVE
CVE
added 2025/10/11 2:32 p.m.17 views

CVE-2025-11605

The CVE-2025-11605 entry concerns code-projects Client Details System 1.0. The vulnerability is in the file /admin/update-profile.php, where manipulation of the uid parameter leads to an SQL injection. It is exploitable remotely, and the exploit is publicly available. Affected component: /admin/u...

8.8CVSS6.4AI score0.00332EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/11 12:0 a.m.5 views

PT-2025-41691

Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A flaw exists in code-projects Client Details System version 1.0 that allows for remote code execution. The issue is located in the file /admin/update-profile.php and involves...

6.5CVSS7AI score0.00332EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/10/11 12:0 a.m.6 views

Code-Projects Client Details System SQL注入漏洞

Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...

8.8CVSS7.9AI score0.00332EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-18977

Malware in sbrugna...

5.4CVSS5.5AI score0.00637EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2006-7070

Malware in sbrugna...

7.5CVSS6.4AI score0.01051EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-46099

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.0095EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-29836

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00308EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28883

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00383EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-50805

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00447EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28404

Malicious code in bioql PyPI...

9.8CVSS5AI score0.00356EPSS
Exploits1References5
NVD
NVD
added 2025/10/02 11:15 a.m.6 views

CVE-2025-40992

Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/updateprofile', affecting to 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and...

5.1CVSS0.00333EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/02 10:50 a.m.3 views

CVE-2025-40992 Stored XSS in Creativeitem Sociopro

Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/updateprofile', affecting to 'name' parameter via POST. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and...

5.1CVSS5.6AI score0.00333EPSS
Exploits0References1
CVE
CVE
added 2025/10/02 10:50 a.m.12 views

CVE-2025-40992

CVE-2025-40992 is a Stored XSS vulnerability in Creativeitem Sociopro, affecting the /sociopro/profile/update_profile endpoint where the POSTed name parameter is insufficiently validated. Attackers could inject script that may be executed in an authenticated user’s context, with potential cookie/...

5.1CVSS5.6AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/19 11:32 p.m.8 views

CVE-2025-10625

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

8.8CVSS6.7AI score0.00308EPSS
Exploits1References1
OSV
OSV
added 2025/09/17 11:15 p.m.6 views

CVE-2025-10625

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

8.8CVSS5.8AI score0.00308EPSS
Exploits1References5
NVD
NVD
added 2025/09/17 11:15 p.m.12 views

CVE-2025-10625

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

8.8CVSS0.00308EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/17 11:2 p.m.8 views

CVE-2025-10625 SourceCodester Online Exam Form Submission dashboard.php sql injection

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

6.5CVSS6.4AI score0.00308EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/17 11:2 p.m.17 views

CVE-2025-10625 SourceCodester Online Exam Form Submission dashboard.php sql injection

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

6.5CVSS0.00308EPSS
Exploits1References5
Rows per page
Query Builder