Search Results (121017 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-45103 1 Dell 8 Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance and 5 more 2025-04-03 6.5 Medium
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.
CVE-2017-20174 1 Getkirby 1 Webmentions 2025-04-03 5.6 Medium
A vulnerability was found in bastianallgeier Kirby Webmentions Plugin and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The patch is identified as 55bedea78ae9af916a9a41497bd9996417851502. It is recommended to apply a patch to fix this issue. VDB-218894 is the identifier assigned to this vulnerability.
CVE-2021-26642 2 Microsoft, Xpressengine 2 Windows, Xpressengine 2025-04-03 8.8 High
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
CVE-2021-26644 2 Mangboard, Microsoft 2 Mangboard Wp, Windows 2025-04-03 8.8 High
SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
CVE-2024-55509 1 Codeastro 1 Complaint Management System 2025-04-03 9.8 Critical
SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via the id parameter of the delete.php component.
CVE-2024-12890 1 Code-projects 1 Online Exam Mastering System 2025-04-03 6.3 Medium
A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-12891 1 Code-projects 1 Online Exam Mastering System 2025-04-03 6.3 Medium
A vulnerability classified as critical has been found in code-projects Online Exam Mastering System 1.0. Affected is an unknown function of the file /account.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-12892 1 Code-projects 1 Online Exam Mastering System 2025-04-03 3.5 Low
A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file /sign.php?q=account.php. The manipulation of the argument name/gender/college leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-12926 1 Codezips 1 Project Management System 2025-04-03 6.3 Medium
A vulnerability classified as critical was found in Codezips Project Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/forms/advanced.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
CVE-2024-12928 1 Code-projects 1 Simple Admin Panel 2025-04-03 6.3 Medium
A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. This affects an unknown part. The manipulation of the argument c_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-12929 1 Code-projects 1 Student Management System 2025-04-03 6.3 Medium
A vulnerability has been found in code-projects Student Management System 1.0.00 and classified as critical. This vulnerability affects unknown code of the file /addCatController.php. The manipulation of the argument size leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-12930 1 Code-projects 1 Simple Admin Panel 2025-04-03 3.5 Low
A vulnerability was found in code-projects Simple Admin Panel 1.0 and classified as problematic. This issue affects some unknown processing of the file addCatController.php. The manipulation of the argument c_name leads to cross site scripting. The attack may be initiated remotely.
CVE-2024-12931 1 Code-projects 1 Simple Admin Panel 2025-04-03 6.3 Medium
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been classified as critical. Affected is an unknown function of the file /addCatController.php. The manipulation of the argument size leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-12932 1 Code-projects 1 Simple Admin Panel 2025-04-03 3.5 Low
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting. The attack can be launched remotely.
CVE-2024-12933 1 Code-projects 1 Simple Admin Panel 2025-04-03 3.5 Low
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file updateItemController.php. The manipulation of the argument p_name/p_desc leads to cross site scripting. The attack may be launched remotely.
CVE-2024-12934 1 Code-projects 1 Simple Admin Panel 2025-04-03 6.3 Medium
A vulnerability classified as critical has been found in code-projects Simple Admin Panel 1.0. This affects an unknown part of the file updateItemController.php. The manipulation of the argument p_desk leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-55099 1 Phpgurukul 1 Online Nurse Hiring System 2025-04-03 9.8 Critical
A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter.
CVE-2024-54810 1 Phpgurukul 1 Pre-school Enrollment System 2025-04-03 9.8 Critical
A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul Pre-School Enrollment System Project v1.0, which allows remote attackers to execute arbitrary code via the mobileno parameter.
CVE-2024-13070 1 Codeastro 1 Online Food Ordering System 2025-04-03 6.3 Medium
A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/update_users.php of the component Update User Page. The manipulation of the argument user_upd leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-13067 1 Codeastro 1 Online Food Ordering System 2025-04-03 5.3 Medium
A vulnerability was found in CodeAstro Online Food Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/all_users.php of the component All Users Page. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.