Lucene search
K

97 matches found

SUSE CVE
SUSE CVE
added 2025/01/28 12:19 a.m.4 views

SUSE CVE-2025-24389

Certain errors of the upstream libraries will insert sensitive information in the OTRS or OTRS Community Edition log mechanism and mails send to the system administrator. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X OTRS Community Edition: 6.0.x Products based on the OTRS...

6.3CVSS6.6AI score0.00137EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.4 views

Synnefo Internet Management Software 安全漏洞

Synnefo Internet Management Software SynnefoIMS is an Internet management software from Synnefo, Inc. A security vulnerability exists in Synnefo Internet Management Software version 2023 and prior releases that stems from the presence of a SQL injection vulnerability...

9.8CVSS7.8AI score0.00418EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/19 12:0 a.m.4 views

PT-2025-3958 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue has been found in the software, specifically a SQL injection flaw. This issue is related to the manipulation of the id argument in the "/index.php" file, allowing for remote attacks. The exploi...

9.8CVSS8AI score0.0139EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/12/02 12:0 a.m.4 views

PT-2024-35419 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A SQL injection issue was discovered in the /q/show.php endpoint. This issue allows for potential SQL injection attacks. Recommendations: For ZZCMS version 2023, consider restricting access to the /q/show.php...

9.8CVSS7.5AI score0.00562EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.3 views

ZZCMS 安全漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS version 2023, which stems from an SQL injection vulnerability contained in /q/show.php...

9.8CVSS7.9AI score0.00562EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/11/29 12:0 a.m.4 views

PT-2024-39386 · Unknown · Easy Tax Client

Name of the Vulnerable Software and Affected Versions: Easy Tax Client Software 2023 versions 1.2 and earlier Description: A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software across multiple platforms, including Windows, Linux, and macOS. Recommendations: For...

4.6CVSS6.9AI score0.00198EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.3 views

ZZCMS 注入漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. An injection vulnerability exists in ZZCMS version 2023, which originates from the parameter keyword in the file /admin/adlist.php?action=pass that can cause SQL injection...

7.2CVSS5.7AI score0.0054EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.6 views

PT-2024-16852 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue affects some unknown functionality of the file /admin/ad list.php?action=pass of the component Keyword Filtering. The manipulation of the keyword argument leads to SQL injection. The attack may...

7.2CVSS5.7AI score0.0054EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.5 views

ZZCMS 信息泄露漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. An information disclosure vulnerability exists in ZZCMS version 2023, which originates from operations on file 3/qq-connect2.0/API/com/inc.php that can lead to information disclosure...

7.5CVSS6.1AI score0.00578EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.4 views

PT-2024-16166 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical issue has been found, affecting the function Ebak SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to...

9.8CVSS6.6AI score0.00502EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.4 views

ZZCMS SQL注入漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A SQL injection vulnerability exists in ZZCMS version 2023, which originates from the lack of validation of the parameter phome in file 3/Ebak5.1/upload/phome.php for external SQL statements, which can be exploited by an attacke...

9.8CVSS8.2AI score0.00469EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.4 views

ZZCMS 安全漏洞

ZZCMS is a content management system CMS from the ZZCMS team in China. A security vulnerability exists in ZZCMS version 2023, which stems from the checkyzm function failing to properly refresh the CAPTCHA value after a failed validation attempt...

5.3CVSS6.7AI score0.00421EPSS
Exploits1References2
OSV
OSV
added 2024/08/26 9:15 a.m.2 views

UBUNTU-CVE-2024-43442

Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting XSS within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...

4.9CVSS5.8AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.5 views

PT-2024-38693 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability was found in ZZCMS, affecting an unknown functionality of the file "/admin/class.php?dowhat=modifyclass". The manipulation of the argument skin leads to path traversal. The attack can b...

7.5CVSS7.4AI score0.00932EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/08/19 12:0 a.m.3 views

ZZCMS 安全漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS version 2023, which originates from the parameter phome in file 3/Ebak5.1/upload/eginfo.php that can lead to information leakage...

7.5CVSS4.7AI score0.00635EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/19 12:0 a.m.4 views

ZZCMS 路径遍历漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/aboutedit.php?action=modify that causes path traversal. No details of the vulnerability are provided at this tim...

7.5CVSS6.8AI score0.00932EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.5 views

PT-2024-38692 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability has been found in ZZCMS. The issue affects an unknown function of the file /admin/about edit.php?action=modify. The manipulation of the skin argument leads to path traversal. It is...

7.5CVSS7.5AI score0.00932EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/08/19 12:0 a.m.5 views

ZZCMS 路径遍历漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A path traversal vulnerability exists in ZZCMS version 2023, which stems from the parameter skin in the file /admin/class.php?dowhat=modifyclass that causes path traversal. No details of the vulnerability are provided at this ti...

7.5CVSS6.8AI score0.00932EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/16 12:0 a.m.3 views

ZZCMS 安全漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A cross-site scripting vulnerability exists in ZZCMS v2023 and earlier versions, which stems from incorrect HTTPREFERER header handling, and can be exploited by an attacker to execute malicious scripts via specially crafted URLs...

4.7CVSS6.3AI score0.00368EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/16 12:0 a.m.3 views

ZZCMS 安全漏洞

ZZCMS is a content management system CMS by the ZZCMS team in China. A security vulnerability exists in ZZCMS version v2023, which stems from vulnerability to reflective cross-site scripting attacks, where an attacker can execute arbitrary code in a user's browser environment by injecting a...

4.7CVSS6.7AI score0.00323EPSS
Exploits0References3
Rows per page
Query Builder