Aggregator

CVE-2023-39714 | Inventory Management System 1.0 Add Member Section Name/Address/Company cross site scripting (EUVD-2023-43414)

Vuldb Updates
2 months 1 week ago
A vulnerability labeled as problematic has been found in Inventory Management System 1.0. This affects an unknown function of the component Add Member Section. Such manipulation of the argument Name/Address/Company leads to cross site scripting. This vulnerability is listed as CVE-2023-39714. The attack may be performed from remote. There is no available exploit.
vuldb.com

CVE-2023-39711 | Inventory Management System 1.0 Subtotal/Paidbill cross site scripting (EUVD-2023-43411)

Vuldb Updates
2 months 1 week ago
A vulnerability was found in Inventory Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Subtotal/Paidbill leads to cross site scripting. This vulnerability is documented as CVE-2023-39711. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

CVE-2023-39712 | Inventory Management System 1.0 Add New Put Section Name/Address/Company cross site scripting (EUVD-2023-43412)

Vuldb Updates
2 months 1 week ago
A vulnerability categorized as problematic has been discovered in Inventory Management System 1.0. The impacted element is an unknown function of the component Add New Put Section. The manipulation of the argument Name/Address/Company results in cross site scripting. This vulnerability was named CVE-2023-39712. The attack may be performed from remote. There is no available exploit.
vuldb.com

CVE-2026-1425 | pymumu SmartDNS up to 47.1 SVBC Record Parser src/dns.c _dns_decode_rr_head/_dns_decode_SVCB_HTTPS stack-based overflow

VulDB Recent Entries
2 months 1 week ago
A vulnerability categorized as critical has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2026-1425. It is possible to launch the attack remotely. No exploit is available. Applying a patch is advised to resolve this issue.
vuldb.com

CVE-2026-1423 | code-projects Online Examination System 1.0 /admin_pic.php unrestricted upload

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in code-projects Online Examination System 1.0. It has been declared as critical. Affected by this issue is some unknown functionality of the file /admin_pic.php. Executing a manipulation can lead to unrestricted upload. This vulnerability appears as CVE-2026-1423. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2026-1422 | code-projects Online Examination System 1.0 Login Page /index.php User sql injection

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in code-projects Online Examination System 1.0. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. This vulnerability is reported as CVE-2026-1422. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

CVE-2026-1420 | Tenda AC23 16.03.07.52 /goform/WifiExtraSet wpapsk_crypto buffer overflow

VulDB Recent Entries
2 months 1 week ago
A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapsk_crypto causes buffer overflow. This vulnerability is registered as CVE-2026-1420. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

Managed ad