367 matches found
CVE-2024-43939
Missing Authorization vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Z Y N I T H: from n/a through 7.4.9...
CVE-2020-36539
A vulnerability was found in Lógico y Creativo 1.0 and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely...
PT-2025-21781 · Unknown · Y Project Ruoyi
Name of the Vulnerable Software and Affected Versions: y project RuoYi version 4.8.0 Description: A vulnerability has been found in y project RuoYi. It affects an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the ids argument...
USN-7512-1 linux-gcp-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...
CVE-2025-4475
...
CVE-2025-32113
Cross-Site Request Forgery CSRF vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through = 1.0...
CVE-2025-32113
Cross-Site Request Forgery CSRF vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through = 1.0...
CVE-2025-32113
CVE-2025-32113 is a CSRF vulnerability in Libro de Reclamaciones y Quejas (Renzo Tejada) affecting version up to 0.9. The connected record notes "Libro de Reclamaciones y Quejas
CVE-2025-30898
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahdi Yousefi MahdiY افزونه حمل و نقل ووکامرس پست پیشتاز و سفارشی، پیک موتوری persian-woocommerce-shipping allows Stored XSS.This issue affects افزونه حمل و نقل ووکامرس پست پیشتاز و سفارشی، پیک...
CVE-2025-2202
Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain sensitive information about other users such as id, name, login and email...
CVE-2025-2199
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...
CVE-2025-2202
Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain sensitive information about other users such as id, name, login and email...
CVE-2025-2199
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...
CVE-2025-2202
CVE-2025-2202 is a broken access control vulnerability in the Innovación y Cualificación local administration plugin’s ajax.php. Affected component: local administration plugin (ajax.php). Root cause: improper access control that permits an attacker to obtain sensitive user data (id, name, login,...
CVE-2025-2201 Broken access control vulnerability in the Innovación y Cualificación IcProgreso plugin
Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more...
CVE-2025-2200 SQL injection vulnerability in the Innovación y Cualificación IcProgreso plugin
SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query on the parameters user, id, idGroup, startdate and enddate in the endpoint...
CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...
CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...
Innovación y Cualificación 安全漏洞
Innovación y Cualificación is an e-learning solution from Innovación y Cualificación. Innovación y Cualificación has a security vulnerability that stems from improper access control and could lead to an attacker gaining access to sensitive information of other users...
Innovación y Cualificación SQL注入漏洞
Innovación y Cualificación is an e-learning solution from Innovación y Cualificación. Innovación y Cualificación suffers from an SQL injection vulnerability that originates from SQL injection and could lead to an attacker obtaining, updating, and deleting database data via injected SQL queries...