Lucene search
+L

367 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.9 views

CVE-2024-43939

Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9...

6.5CVSS6.9AI score0.00334EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:37 p.m.6 views

CVE-2020-36539

A vulnerability was found in Lógico y Creativo 1.0 and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely...

9.8CVSS7.3AI score0.0062EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/17 12:0 a.m.13 views

PT-2025-21781 · Unknown · Y Project Ruoyi

Name of the Vulnerable Software and Affected Versions: y project RuoYi version 4.8.0 Description: A vulnerability has been found in y project RuoYi. It affects an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the ids argument...

3.1CVSS3.7AI score0.00384EPSS
Exploits1References8
OSV
OSV
added 2025/05/16 4:11 p.m.9 views

USN-7512-1 linux-gcp-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

7.8CVSS6.9AI score0.12727EPSS
Exploits3References129
Vulnrichment
Vulnrichment
added 2025/05/08 8:6 p.m.6 views

CVE-2025-4475

...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/06 4:36 p.m.8 views

CVE-2025-32113

Cross-Site Request Forgery CSRF vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through = 1.0...

7.1CVSS7.2AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 4:15 p.m.7 views

CVE-2025-32113

Cross-Site Request Forgery CSRF vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through = 1.0...

7.1CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/04/04 3:58 p.m.47 views

CVE-2025-32113

CVE-2025-32113 is a CSRF vulnerability in Libro de Reclamaciones y Quejas (Renzo Tejada) affecting version up to 0.9. The connected record notes "Libro de Reclamaciones y Quejas

7.1CVSS7.2AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/03/27 11:15 a.m.6 views

CVE-2025-30898

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahdi Yousefi MahdiY افزونه حمل و نقل ووکامرس پست پیشتاز و سفارشی، پیک موتوری persian-woocommerce-shipping allows Stored XSS.This issue affects افزونه حمل و نقل ووکامرس پست پیشتاز و سفارشی، پیک...

6.5CVSS7.2AI score0.00271EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/19 10:21 a.m.7 views

CVE-2025-2202

Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain sensitive information about other users such as id, name, login and email...

6.9CVSS6.2AI score0.00337EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/19 10:18 a.m.10 views

CVE-2025-2199

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3CVSS7.7AI score0.00321EPSS
Exploits0References3
NVD
NVD
added 2025/03/17 11:15 a.m.6 views

CVE-2025-2202

Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain sensitive information about other users such as id, name, login and email...

6.9CVSS0.00337EPSS
Exploits0References1
NVD
NVD
added 2025/03/17 10:15 a.m.23 views

CVE-2025-2199

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3CVSS0.00321EPSS
Exploits0References1
CVE
CVE
added 2025/03/17 10:14 a.m.43 views

CVE-2025-2202

CVE-2025-2202 is a broken access control vulnerability in the Innovación y Cualificación local administration plugin’s ajax.php. Affected component: local administration plugin (ajax.php). Root cause: improper access control that permits an attacker to obtain sensitive user data (id, name, login,...

6.9CVSS6.2AI score0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/17 10:13 a.m.20 views

CVE-2025-2201 Broken access control vulnerability in the Innovación y Cualificación IcProgreso plugin

Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more...

6.9CVSS0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/17 10:9 a.m.6 views

CVE-2025-2200 SQL injection vulnerability in the Innovación y Cualificación IcProgreso plugin

SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query on the parameters user, id, idGroup, startdate and enddate in the endpoint...

9.3CVSS7.4AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/17 10:9 a.m.27 views

CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3CVSS0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/17 10:9 a.m.8 views

CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3CVSS7.3AI score0.00321EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.4 views

Innovación y Cualificación 安全漏洞

Innovación y Cualificación is an e-learning solution from Innovación y Cualificación. Innovación y Cualificación has a security vulnerability that stems from improper access control and could lead to an attacker gaining access to sensitive information of other users...

6.9CVSS6.5AI score0.00337EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.6 views

Innovación y Cualificación SQL注入漏洞

Innovación y Cualificación is an e-learning solution from Innovación y Cualificación. Innovación y Cualificación suffers from an SQL injection vulnerability that originates from SQL injection and could lead to an attacker obtaining, updating, and deleting database data via injected SQL queries...

9.3CVSS7.9AI score0.00321EPSS
Exploits0References1
Rows per page
Query Builder