Lucene search
K

145 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:24 a.m.6 views

CVE-2024-0930

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49multiTDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS7AI score0.1521EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.7 views

CVE-2023-32267

A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited...

8.8CVSS6.9AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:51 a.m.6 views

CVE-2023-2391

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=timezone.htm of the component Web Management Interface. The manipulation of the argument ntp.server2 leads to cross site...

4.8CVSS6AI score0.00649EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.7 views

CVE-2023-2393

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmzsetup.htm of the component Web Management Interface. The manipulation of the argument...

4.8CVSS6.1AI score0.00649EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 a.m.6 views

CVE-2018-25038

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input as part of POST Request leads to cross site scripting Persistent. It is possible to...

5.4CVSS6.2AI score0.00558EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/22 12:0 a.m.5 views

PT-2025-22944 · D Link · D-Link Dcs-5020L

Name of the Vulnerable Software and Affected Versions: D-Link DCS-5020L version 1.01 B2 Description: A critical vulnerability has been found in the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the Authorization argument leads to a stack-based buffer overflow. It is...

9.8CVSS8.7AI score0.00953EPSS
Exploits1References17
Cvelist
Cvelist
added 2025/05/21 12:0 a.m.30 views

CVE-2025-5011 moonlightL hexo-boot Dynamic List Page index.html cross site scripting

A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has...

4.8CVSS0.0035EPSS
Exploits1References4
NVD
NVD
added 2025/05/18 4:15 a.m.17 views

CVE-2025-4858

A vulnerability was found in D-Link DAP-2695 120b36r137ALLen20210528. It has been declared as problematic. This vulnerability affects unknown code of the file /advarpspoofing.php of the component ARP Spoofing Prevention Page. The manipulation of the argument harpmac leads to cross site scripting...

4.8CVSS0.00572EPSS
Exploits1References5
CVE
CVE
added 2025/05/16 4:0 a.m.34 views

CVE-2025-4745

CVE-2025-4745 affects the code-projects Employee Record System 1.0 , specifically the file current_employees.php . The vulnerability arises from improper handling of the arguments employeed_id , first_name , middle_name , and last_name , leading to a cross-site scripting (XSS) condition. Exploita...

5.4CVSS6.2AI score0.00285EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.5 views

PT-2025-21594 · Unknown · Campcodes Sales/Inventory System

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical vulnerability has been found in the Campcodes Sales and Inventory System, affecting an unknown functionality of the file /pages/product.php. The manipulation of the...

8.8CVSS6.3AI score0.00335EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/05/13 11:0 p.m.28 views

CVE-2025-4551

A vulnerability, which was classified as problematic, was found in ContiNew Admin up to 3.6.0. Affected is an unknown function of the file /dev-api/common/file. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

5.1CVSS6.3AI score0.00294EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/11 9:8 p.m.19 views

CVE-2025-4491

A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/ticket-status.php. The manipulation of the argument ticketid leads to sql injection. The attack can be initiated remotely. The exploit has be...

9.8CVSS7.5AI score0.00569EPSS
Exploits1References1
NVD
NVD
added 2025/05/10 6:15 p.m.15 views

CVE-2025-4510

A vulnerability was found in Changjietong UFIDA CRM 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /optnty/optntyday.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS0.00264EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/09 9:31 p.m.26 views

CVE-2025-4494 JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authentication

A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...

7.5CVSS0.00629EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/01 5:31 a.m.24 views

CVE-2025-4151 PHPGurukul Curfew e-Pass Management System pass-bwdates-reports-details.php sql injection

A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated...

7.5CVSS0.00438EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/04/30 11:0 a.m.26 views

CVE-2025-4113 PHPGurukul Curfew e-Pass Management System edit-pass-detail.php sql injection

A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit-pass-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The...

6.5CVSS0.00357EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/04/29 4:0 p.m.5 views

CVE-2025-4071 PHPGurukul COVID19 Testing Management System test-details.php sql injection

A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to sql injection. The attack can be initiated remotely. The exploit h...

7.5CVSS7.5AI score0.00498EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/04/28 9:31 a.m.28 views

CVE-2025-4014 PHPGurukul Art Gallery Management System manage-art-medium.php sql injection

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed leads to sql injection. The attack can be...

7.5CVSS0.00428EPSS
Exploits1References5
NVD
NVD
added 2025/04/28 4:15 a.m.13 views

CVE-2025-4000

A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\ssoproxy\jsp\ssoproxy.jsp. The manipulation of the argument Name leads to cross site...

5.4CVSS0.00251EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/14 10:31 a.m.6 views

CVE-2025-3562 Yonyou YonBIP userfile FileInputStream path traversal

A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit...

5.3CVSS6.7AI score0.00521EPSS
Exploits0References4
Rows per page
Query Builder