Submit #478688: code-projects Chat System Using PHP With Source Code 1.0 SQL Injection [Accepted]
Submit #478688 / VDB-292415
Aggregator
CVE-2025-0529 | code-projects Train Ticket Reservation System 1.0 Login Form username stack-based overflow
5 months ago
A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow.
This vulnerability is uniquely identified as CVE-2025-0529. Attacking locally is a requirement. Furthermore, there is an exploit available.
vuldb.com
美网络攻击我国某先进材料设计研究院事件调查报告
5 months ago
美网络攻击我国某先进材料设计研究院事件调查报告
5 months ago
美网络攻击我国某先进材料设计研究院事件调查报告
5 months ago
2024年12月18日,国家互联网应急中心CNCERT发布公告(https://www.cert.org.cn/publish/main/8/2024/20241218184234131217571/
Submit #478674: code-projects job-recruitment 1/0 php Cross Site Scripting [Accepted]
5 months ago
Submit #478674 / VDB-292414
George666
CVE-2025-0528 | Tenda AC8/AC10/AC18 16.03.10.20 HTTP Request /goform/telnet command injection
5 months ago
A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection.
This vulnerability is handled as CVE-2025-0528. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-0527 | code-projects Admission Management System 1.0 /signupconfirm.php in_eml sql injection
5 months ago
A vulnerability classified as critical was found in code-projects Admission Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /signupconfirm.php. The manipulation of the argument in_eml leads to sql injection.
This vulnerability is known as CVE-2025-0527. The attack can be launched remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
Submit #478650: Tenda AC8v4 v16.03.34.09 Command Injection [Duplicate]
5 months ago
Submit #478650 / VDB-292412
Pr0b1em
Submit #478447: code-projects Train Ticket Reservation System 1.0 Buffer Overflow [Accepted]
5 months ago
Submit #478447 / VDB-292413
c4ttr4ck
直播倒计时4天:聊聊从“打黑工”到大厂安全负责人的那些事儿
5 months ago
直播倒计时4天:聊聊从“打黑工”到大厂安全负责人的那些事儿
5 months ago
12月26日,《三个白帽聊安全》直播吃瓜,携好礼等你来!
Submit #478175: Tenda AC10v4.0 v16.03.10.20 Command Injection [Accepted]
5 months ago
Submit #478175 / VDB-292412
Pr0b1em
CVE-2024-13378 | GravityForms Plugin 2.9.0.1/2.9.1.3 on WordPress style_settings cross site scripting
5 months ago
A vulnerability classified as problematic has been found in GravityForms Plugin 2.9.0.1/2.9.1.3 on WordPress. Affected is an unknown function. The manipulation of the argument style_settings leads to cross site scripting.
This vulnerability is traded as CVE-2024-13378. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-13377 | GravityForms Plugin up to 2.9.1.3 on WordPress alt cross site scripting
5 months ago
A vulnerability was found in GravityForms Plugin up to 2.9.1.3 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument alt leads to cross site scripting.
The identification of this vulnerability is CVE-2024-13377. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-12370 | WP Hotel Booking Plugin up to 2.1.5 on WordPress authorization
5 months ago
A vulnerability was found in WP Hotel Booking Plugin up to 2.1.5 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to missing authorization.
This vulnerability was named CVE-2024-12370. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com
Submit #477899: code-projects.org Admission Management System V1.0 sql [Accepted]
5 months ago
Submit #477899 / VDB-292411
Zwdtk
CVE-2025-23900 | Genkisan Genki Announcement Plugin up to 1.4.1 on WordPress cross-site request forgery
5 months ago
A vulnerability was found in Genkisan Genki Announcement Plugin up to 1.4.1 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2025-23900. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-23880 | anmari amr Personalise Plugin up to 2.10 on WordPress cross-site request forgery
5 months ago
A vulnerability was found in anmari amr Personalise Plugin up to 2.10 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery.
This vulnerability is handled as CVE-2025-23880. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-23844 | wellwisher Custom Widget Classes Plugin up to 1.1 on WordPress cross-site request forgery
5 months ago
A vulnerability has been found in wellwisher Custom Widget Classes Plugin up to 1.1 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery.
This vulnerability is known as CVE-2025-23844. The attack can be launched remotely. There is no exploit available.
vuldb.com