A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd95.php?c=email&m=add of the component Email Setting Handler. Performin…
In the Linux kernel, the following vulnerability has been resolved: af_unix: Initialise scc_index in unix_add_edge(). Quang Le reported that the AF_UNIX GC could garbage-collect a receive queue of …
Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Ser…
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests …
OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com doe…
A weakness has been identified in moxi159753 Mogu Blog v2 up to 5.2. The affected element is an unknown function of the file /file/pictures. This manipulation of the argument filedatas causes unrestr…
A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results …
A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command …
A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function ap_macfilter_del of the file /send_order.cgi. The manipulation of the argument mac leads to …
A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command inject…
A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swi…
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to s…
A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content res…
A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/Commentad…
A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.c…
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF tok…
OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation…
A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose inform…
An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information …
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injecti…
A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulatio…
A security flaw has been discovered in code-projects Jonnys Liquor 1.0. Affected by this issue is some unknown functionality of the file /detail.php of the component GET Parameter Handler. Performing…
A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to …
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /delete_admin.php. The manipulation of the argument admin_id leads to …
A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The atta…
A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql i…
A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injectio…
A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is some unknown functionality of the file /registeracc.php. The manipulation of the argument email leads …
A flaw has been found in Campcodes Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checklogin.php. Executing a manipulation of the argument my…
A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument s…
A security vulnerability has been detected in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /index.php of the component Login. Such manipulation of the argume…
A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the compone…
A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the file /customer_register.php. Executing manipulation…
A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument …
Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over Identity Manager.
A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is an unknown function of the file /action.php. Such manipulation of the argument Search leads to sql in…
A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injecti…
A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argum…
A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add_product.php. The manipulation of the argument txtProductName leads …
A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/change_s_pwd.php. Performing manipulation…
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.
A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/store/NoticeStore.php. Such manipulation of the argum…
A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store/EventStore.php. This manipulation of the argumen…
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Performing a manipula…
A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql…
A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql in…
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows…
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption (JOSE) standards. In versions from 1.3.3 to before 1.3.5 and from 1.4.0 to before 1.4.2, the …
A weakness has been identified in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=login. This manipulation o…
A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Performing manipulation of the argument ID results i…
Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI comman…
A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Con…
A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sq…
A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The mani…
A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql…
A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql …
A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation re…
A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such ma…
A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Performing a manipulation of the argument ID results i…
A vulnerability was identified in itsourcecode Online Voting System 1.0. The affected element is an unknown function of the file /login.php. Such manipulation of the argument Username leads to sql in…
A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Login. Executing a manipulation of the arg…
A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injec…
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /manage_course.php. Such manipulation of the argument ID leads to sq…
A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username …
A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument user…
