CNA 2024

VulDB is an officially certified CVE Numbering Authority (CNA) by MITRE and Authorized Data Publisher (ADP) by NIST NVD. We are authorized to handle new vulnerability submissions, assign unique CVEs and disclose them. CVE is an international program to discover vulnerabilities which are then assigned and published to the CVE list. Partners coordinate such CVE entries to communicate consistent descriptions. Information technology and cybersecurity professionals all around the world use CVE records to ensure they are discussing the same issues, and to coordinate their efforts to prioritize and address these properly.

Vendor

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product

Tenda AC10U23
MAGESH-K21 Online-College-Event-Hall-Reservation-S ...22
Campcodes Online Job Finder System20
Kashipara Food Management System19
Tenda AC1517

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix24
Temporary Fix0
Workaround13
Unavailable0
Not Defined894

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High0
Functional0
Proof-of-Concept916
Unproven0
Not Defined15

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical6
Local20
Adjacent52
Network853

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High113
Low575
None243

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required213
None718

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

VulDB

≤10
≤23
≤337
≤4161
≤5126
≤6100
≤7290
≤8125
≤987
≤102

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

Exploit 0-day

<1k66
<2k768
<5k88
<10k3
<25k6
<50k0
<100k0
≥100k0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

IDVulnerabilityScopeResponsibleSubmissionCreatedUpdatedCVESubmitStatus
260579cym1102 nginxWebUI reload exec deserializationVulDBVulDB04/05/202404/12/202404/12/2024CVE-2024-3740311216
accepted
260578cym1102 nginxWebUI upload os command injectionVulDBVulDB04/12/202404/12/2024CVE-2024-3739
 
accepted
260577cym1102 nginxWebUI saveCmd handlePath certificate validationVulDBVulDB04/12/202404/12/2024CVE-2024-3738
 
accepted
260576cym1102 nginxWebUI addOver findCountByQuery path traversalVulDBVulDB04/12/202404/12/2024CVE-2024-3737
 
accepted
260575cym1102 nginxWebUI upload unrestricted uploadVulDBVulDB04/12/202404/12/2024CVE-2024-3736
 
accepted
260574Smart Office Main.aspx weak passwordVulDBVulDB04/05/202404/12/202404/12/2024CVE-2024-3735311153
accepted
260573TBK DVR-4104/DVR-4216 os command injectionVulDBVulDB04/11/202404/12/202404/12/2024CVE-2024-3721314969
accepted
260572Tianwell Fire Intelligent Command Platform API Interface page sql injectionVulDBVulDB04/11/202404/12/202404/12/2024CVE-2024-3720314922
accepted
260571Campcodes House Rental Management System ajax.php sql injectionVulDBVulDB04/10/202404/12/202404/12/2024CVE-2024-3719314205
accepted
260485Campcodes House Rental Management System manage_payment.php sql injectionVulDBVulDB04/10/202404/12/202404/12/2024CVE-2024-3698314204
accepted
260484Campcodes House Rental Management System manage_tenant.php sql injectionVulDBVulDB04/10/202404/12/202404/12/2024CVE-2024-3697314203
accepted
260483Campcodes House Rental Management System view_payment.php sql injectionVulDBVulDB04/10/202404/12/202404/12/2024CVE-2024-3696314199
accepted
260482SourceCodester Computer Laboratory Management System Users.php cross site scriptingVulDBVulDB04/10/202404/12/202404/12/2024CVE-2024-3695314071
accepted
260480PHPGurukul Small CRM Registration Page sql injectionVulDBVulDB04/09/202404/12/202404/12/2024CVE-2024-3691312975
accepted
260479PHPGurukul Small CRM Change Password sql injectionVulDBVulDB04/09/202404/12/202404/12/2024CVE-2024-3690312974
accepted
260478Zhejiang Land Zongheng Network Technology O2OA information disclosureVulDBVulDB04/03/202404/12/202404/12/2024CVE-2024-3689309457
accepted
260476Xiamen Four-Faith RMP Router Management Platform sql injectionVulDBVulDB04/03/202404/12/202404/12/2024CVE-2024-3688309455
accepted
260474bihell Dice Comment cross site scriptingVulDBVulDB04/03/202404/12/202404/12/2024CVE-2024-3687309445
accepted
260473DedeCMS update_guide.php path traversalVulDBVulDB04/03/202404/12/202404/12/2024CVE-2024-3686309454
accepted
260472DedeCMS stepselect_main.php sql injectionVulDBVulDB04/03/202404/12/202404/12/2024CVE-2024-3685309447
accepted
260277SourceCodester Kortex Lite Advocate Office Management System register_case.php sql injectionVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3621312832
accepted
260276SourceCodester Kortex Lite Advocate Office Management System adds.php sql injectionVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3620312815
accepted
260275SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php sql injectionVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3619312813
accepted
260274SourceCodester Kortex Lite Advocate Office Management System activate_case.php sql injectionVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3618312807
accepted
260273SourceCodester Kortex Lite Advocate Office Management System deactivate_case.php sql injectionVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3617312804
accepted
260272SourceCodester Warehouse Management System pengguna.php cross site scriptingVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3616312704
accepted
260271SourceCodester Warehouse Management System customer.php cross site scriptingVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3614312703
accepted
260270SourceCodester Warehouse Management System supplier.php cross site scriptingVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3613312701
accepted
260269SourceCodester Warehouse Management System barang.php cross site scriptingVulDBVulDB04/09/202404/10/202404/10/2024CVE-2024-3612312700
accepted
259912Campcodes Church Management System add_visitor.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3542312544
accepted
259911Campcodes Church Management System admin_user.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3541312542
accepted
259910Campcodes Church Management System add_sundaysch.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3540312541
accepted
259909Campcodes Church Management System addgiving.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3539312540
accepted
259908Campcodes Church Management System addTithes.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3538312539
accepted
259907Campcodes Church Management System admin_user.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3537312538
accepted
259906Campcodes Church Management System delete_log.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3536312537
accepted
259905Campcodes Church Management System index.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3535312536
accepted
259904Campcodes Church Management System login.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3534312535
accepted
259903Campcodes Complete Online Student Management System academic_year_view.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3533312524
accepted
259902Campcodes Complete Online Student Management System attendance_view.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3532312523
accepted
259901Campcodes Complete Online Student Management System courses_view.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3531312522
accepted
259900Campcodes Complete Online Student Management System Marks_view.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3530312521
accepted
259899Campcodes Complete Online Student Management System students_view.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3529312520
accepted
259898Campcodes Complete Online Student Management System units_view.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3528312519
accepted
259897Campcodes Online Event Management System index.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3526312508
accepted
259896Campcodes Online Event Management System index.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3525312507
accepted
259895Campcodes Online Event Management System process.php cross site scriptingVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3524312506
accepted
259894Campcodes Online Event Management System index.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3523312505
accepted
259893Campcodes Online Event Management System process.php sql injectionVulDBVulDB04/08/202404/09/202404/09/2024CVE-2024-3522312504
accepted
259892Byzoro Smart S80 Management Platform userattestation.php unrestricted uploadVulDBVulDB04/02/202404/09/202404/09/2024CVE-2024-3521308509
accepted
259747SourceCodester Laundry Management System Pengeluaran.php laporan_filter sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3466312314
accepted
259746SourceCodester Laundry Management System Transaki.php laporan_filter sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3465312313
accepted
259745SourceCodester Laundry Management System Pelanggan.php laporan_filter sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3464312304
accepted
259744SourceCodester Laundry Management System edit cross site scriptingVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3463312302
accepted
259714Netentsec NS-ASG Application Security Gateway add_ikev2.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3458312186
accepted
259713Netentsec NS-ASG Application Security Gateway config_ISCGroupNoCache.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3457312184
accepted
259712Netentsec NS-ASG Application Security Gateway config_Anticrack.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3456312183
accepted
259711Netentsec NS-ASG Application Security Gateway add_postlogin.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3455312182
accepted
259702SourceCodester Laundry Management System laporan_filter sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3445312296
accepted
259701Wangshen SecGate 3600 ?g=net_pro_keyword_import_save unrestricted uploadVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3444312293
accepted
259696SourceCodester Prison Management System apply_leave.php cross site scriptingVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3443312285
accepted
259695SourceCodester Prison Management System delete_leave.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3442312248
accepted
259694SourceCodester Prison Management System edit-profile.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3441312219
accepted
259693SourceCodester Prison Management System edit_profile.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3440312207
accepted
259692SourceCodester Prison Management System login.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3439312204
accepted
259691SourceCodester Prison Management System login.php sql injectionVulDBVulDB04/08/202404/08/202404/08/2024CVE-2024-3438312203
accepted
259631SourceCodester Prison Management System Avatar add-admin.php unrestricted uploadVulDBVulDB04/07/202404/07/202404/07/2024CVE-2024-3437311920
accepted
259630SourceCodester Prison Management System Avatar edit-photo.php unrestricted uploadVulDBVulDB04/07/202404/07/202404/07/2024CVE-2024-3436311919
accepted
259615CP Plus Wi-Fi Camera User Management improper authorizationVulDBVulDB04/01/202404/07/202404/07/2024CVE-2024-3434308217
accepted
259614PuneethReddyHC Event Management register.php cross site scriptingVulDBVulDB03/31/202404/07/202404/07/2024CVE-2024-3433307744
accepted
259613PuneethReddyHC Event Management register.php sql injectionVulDBVulDB04/07/202404/07/2024CVE-2024-3432
 
accepted
259612EyouCMS Backend deserializationVulDBVulDB04/01/202404/07/202404/07/2024CVE-2024-3431308208
accepted
259611QKSMS Backup File androidmanifest.xml backupVulDBVulDB03/31/202404/07/202404/07/2024CVE-2024-3430307756
accepted
259600SourceCodester Online Courseware edit.php cross site scriptingVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3428311607
accepted
259599SourceCodester Online Courseware addq.php cross site scriptingVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3427311606
accepted
259598SourceCodester Online Courseware editt.php cross site scriptingVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3426311605
accepted
259597SourceCodester Online Courseware activateall.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3425311604
accepted
259596SourceCodester Online Courseware listscore.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3424311602
accepted
259595SourceCodester Online Courseware activateteach.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3423311601
accepted
259594SourceCodester Online Courseware activatestud.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3422311600
accepted
259593SourceCodester Online Courseware deactivatestud.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3421311599
accepted
259592SourceCodester Online Courseware saveedit.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3420311598
accepted
259591SourceCodester Online Courseware edit.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3419311597
accepted
259590SourceCodester Online Courseware deactivateteach.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3418311596
accepted
259589SourceCodester Online Courseware saveeditt.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3417311595
accepted
259588SourceCodester Online Courseware editt.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3416311593
accepted
259584SourceCodester Human Resource Information System addbranches_process.php cross site scriptingVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3415311442
accepted
259583SourceCodester Human Resource Information System addcorporate_process.php cross site scriptingVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3414311436
accepted
259582SourceCodester Human Resource Information System login_process.php sql injectionVulDBVulDB04/06/202404/06/202404/06/2024CVE-2024-3413311431
accepted
259501iboss Secure Web Gateway Login Portal login cross site scriptingVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3378310642
accepted
259498SourceCodester Computer Laboratory Management System cross site scriptingVulDBVulDB04/05/202404/05/202404/05/2024CVE-2024-3377311155
accepted
259497SourceCodester Computer Laboratory Management System config.php redirectVulDBVulDB04/05/202404/05/202404/05/2024CVE-2024-3376311154
accepted
259490code-projects Car Rental add-vehicle.php unrestricted uploadVulDBVulDB04/05/202404/05/202404/05/2024CVE-2024-3369311147
accepted
259480Xuxueli xxl-job Template JdkSerializeTool.java deserialize injectionVulDBVulDB04/01/202404/05/202404/05/2024CVE-2024-3366308180
accepted
259469SourceCodester Online Library System controller.php cross site scriptingVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3365310432
accepted
259468SourceCodester Online Library System index.php cross site scriptingVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3364310431
accepted
259467SourceCodester Online Library System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3363310429
accepted
259466SourceCodester Online Library System controller.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3362310426
accepted
259465SourceCodester Online Library System deweydecimal.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3361310425
accepted
259464SourceCodester Online Library System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3360310424
accepted
259463SourceCodester Online Library System login.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3359310423
accepted
259462SourceCodester Aplaya Beach Resort Online Reservation System index.php cross site scriptingVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3358310229
accepted
259461SourceCodester Aplaya Beach Resort Online Reservation System index.php cross site scriptingVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3357310226
accepted
259460SourceCodester Aplaya Beach Resort Online Reservation System sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3356310225
accepted
259459SourceCodester Aplaya Beach Resort Online Reservation System sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3355310224
accepted
259458SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3354310222
accepted
259457SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3353310221
accepted
259456SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3352310220
accepted
259455SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3351310219
accepted
259454SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3350310218
accepted
259453SourceCodester Aplaya Beach Resort Online Reservation System login.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3349310217
accepted
259452SourceCodester Aplaya Beach Resort Online Reservation System index.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3348310216
accepted
259451SourceCodester Airline Ticket Reservation System activate_jet_details_form_handler.php sql injectionVulDBVulDB04/04/202404/05/202404/05/2024CVE-2024-3347310184
accepted
259450Byzoro Smart S80 webmailattach.php os command injectionVulDBVulDB03/28/202404/05/202404/09/2024CVE-2024-3346306277
accepted
259389SourceCodester eLearning System Maintenance Module cross site scriptingVulDBVulDB04/03/202404/04/202404/04/2024CVE-2024-3321310122
accepted
259388SourceCodester eLearning System cross site scriptingVulDBVulDB04/03/202404/04/202404/04/2024CVE-2024-3320310103
accepted
259387SourceCodester Computer Laboratory Management System view_category.php sql injectionVulDBVulDB04/03/202404/04/202404/04/2024CVE-2024-3316309584
accepted
259386SourceCodester Computer Laboratory Management System user.php sql injectionVulDBVulDB04/03/202404/04/202404/04/2024CVE-2024-3315309575
accepted
259385SourceCodester Computer Laboratory Management System Users.php sql injectionVulDBVulDB04/03/202404/04/202404/04/2024CVE-2024-3314309526
accepted
259369Dreamer CMS ThemesController.java ZipUtils.unZipFiles path traversalVulDBVulDB03/25/202404/04/202404/04/2024CVE-2024-3311303874
accepted
259285D-Link DNS-320L/DNS-320LW/DNS-327L HTTP GET Request info.cgi information disclosureVulDBVulDB03/26/202404/03/202404/05/2024CVE-2024-3274304706
accepted
259284D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi command injectionVulDBVulDB03/26/202404/03/202404/11/2024CVE-2024-3273304661
accepted
259283D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentialsVulDBVulDB04/03/202404/11/2024CVE-2024-3272
 
accepted
259282ThingsBoard AdvancedFeature access controlVulDBVulDB03/19/202404/03/202404/03/2024CVE-2024-3270301359
accepted
259108SourceCodester Internship Portal Management System delete_activity.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3259309220
accepted
259107SourceCodester Internship Portal Management System add_activity.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3258309219
accepted
259106SourceCodester Internship Portal Management System edit_activity_query.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3257309218
accepted
259105SourceCodester Internship Portal Management System edit_activity.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3256309217
accepted
259104SourceCodester Internship Portal Management System edit_admin_query.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3255309216
accepted
259103SourceCodester Internship Portal Management System edit_admin.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3254309215
accepted
259102SourceCodester Internship Portal Management System add_admin.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3253309214
accepted
259101SourceCodester Internship Portal Management System check_admin.php sql injectionVulDBVulDB04/03/202404/03/202404/03/2024CVE-2024-3252309212
accepted
259100SourceCodester Computer Laboratory Management System sql injectionVulDBVulDB04/02/202404/03/202404/03/2024CVE-2024-3251309091
accepted
259072Panwei eoffice OA Backend save_image.php path traversalVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3227308750
accepted
259071Campcodes Online Patient Record Management System login.php sql injectionVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3226308644
accepted
259070SourceCodester PHP Task Management System edit-task.php sql injectionVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3225308642
accepted
259069SourceCodester PHP Task Management System task-details.php sql injectionVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3224308631
accepted
259068SourceCodester PHP Task Management System admin-manage-user.php sql injectionVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3223308628
accepted
259067SourceCodester PHP Task Management System admin-password-change.php sql injectionVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3222308627
accepted
259066SourceCodester PHP Task Management System attendance-info.php sql injectionVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3221308626
accepted
259065Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversalVulDBVulDB04/02/202404/02/202404/02/2024CVE-2024-3218308510
accepted
259055UPX bele.h get_ne64 heap-based overflowVulDBVulDB03/26/202404/02/202404/02/2024CVE-2024-3209304575
accepted
259054ermig1979 Simd SimdMemoryStream.h ReadUnsigned heap-based overflowVulDBVulDB03/26/202404/02/202404/02/2024CVE-2024-3207304572
accepted
259052yaml libyaml emitter.c yaml_emitter_emit_flow_sequence_item heap-based overflowVulDBVulDB03/26/202404/02/202404/02/2024CVE-2024-3205304561
accepted
259051c-blosc2 ndlz4x4.c ndlz4_decompress heap-based overflowVulDBVulDB03/26/202404/02/202404/06/2024CVE-2024-3204304557
accepted
259050c-blosc2 ndlz8x8.c ndlz8_decompress heap-based overflowVulDBVulDB03/26/202404/02/202404/06/2024CVE-2024-3203304556
accepted
259049codelyfe Stupid Simple CMS Login Page excessive authenticationVulDBVulDB03/25/202404/02/202404/02/2024CVE-2024-3202303941
accepted
258933Intelbras HDCVI 1016 HTTP GET Request cap.js information disclosure [Disputed]VulDBVulDB03/27/202404/01/202404/01/2024CVE-2024-3160305410
accepted
258924Bdtask Multi-Store Inventory Management System Stock Movement Page cross-site request forgeryVulDBVulDB03/25/202404/01/202404/02/2024CVE-2024-3151303898
accepted
258923DedeCMS makehtml_archives_action.php sql injectionVulDBVulDB03/25/202404/01/202404/01/2024CVE-2024-3148303889
accepted
258922DedeCMS makehtml_map.php cross-site request forgeryVulDBVulDB03/25/202404/01/202404/01/2024CVE-2024-3147303957
accepted
258921DedeCMS makehtml_rss_action.php cross-site request forgeryVulDBVulDB03/25/202404/01/202404/01/2024CVE-2024-3146303956
accepted
258920DedeCMS makehtml_js_action.php cross-site request forgeryVulDBVulDB03/25/202404/01/202404/01/2024CVE-2024-3145303955
accepted
258919DedeCMS makehtml_spec.php cross-site request forgeryVulDBVulDB03/25/202404/01/202404/01/2024CVE-2024-3144303954
accepted
258918DedeCMS member_rank.php cross-site request forgeryVulDBVulDB03/23/202404/01/202404/01/2024CVE-2024-3143303432
accepted
258917Clavister E10/E80 Setting cross-site request forgeryVulDBVulDB03/23/202404/01/202404/04/2024CVE-2024-3142303530
accepted
258916Clavister E10/E80 Misc Settings Page MiscSettings cross site scriptingVulDBVulDB03/23/202404/01/202404/04/2024CVE-2024-3141303451
accepted
258915SourceCodester Computer Laboratory Management System cross site scriptingVulDBVulDB04/01/202404/01/202404/01/2024CVE-2024-3140308214
accepted
258914SourceCodester Computer Laboratory Management System save_users improper authorizationVulDBVulDB04/01/202404/01/202404/01/2024CVE-2024-3139308207
accepted
258911francoisjacquet RosarioSIS Add Portal Note cross site scripting [Disputed]VulDBVulDB03/30/202404/01/202404/01/2024CVE-2024-3138307450
accepted
258874SourceCodester Computer Laboratory Management System sql injectionVulDBVulDB04/01/202404/01/202404/01/2024CVE-2024-3131308184
accepted
258873SourceCodester Image Accordion Gallery App add-image.php unrestricted uploadVulDBVulDB04/01/202404/01/202404/01/2024CVE-2024-3129308188
accepted
258869Replify-Messenger Backup File androidmanifest.xml backupVulDBVulDB03/31/202404/01/202404/01/2024CVE-2024-3128307761
accepted
258868Zebra ZTC GK420d Alert Setup Page settings cross site scriptingVulDBVulDB03/23/202404/01/202404/01/2024CVE-2024-3125303446
accepted
258867fridgecow smartalarm Backup File androidmanifest.xml backupVulDBVulDB03/31/202404/01/202404/01/2024CVE-2024-3124307752
accepted
258779Dreamer CMS Attachment permissionVulDBVulDB03/22/202403/30/202403/30/2024CVE-2024-3118303196
accepted
258778YouDianCMS ChannelAction.class.php unrestricted uploadVulDBVulDB03/22/202403/30/202403/30/2024CVE-2024-3117302925
accepted
258684PHPGurukul Emergency Ambulance Hiring Portal Search Request Page search.php cross site scriptingVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3091306965
accepted
258683PHPGurukul Emergency Ambulance Hiring Portal Add Ambulance Page add-ambulance.php cross site scriptingVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3090306964
accepted
258682PHPGurukul Emergency Ambulance Hiring Portal Manage Ambulance Page manage-ambulance.php cross-site request forgeryVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3089306963
accepted
258681PHPGurukul Emergency Ambulance Hiring Portal Forgot Password Page forgot-password.php sql injectionVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3088306962
accepted
258680PHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php sql injectionVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3087306961
accepted
258679PHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php cross site scriptingVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3086306960
accepted
258678PHPGurukul Emergency Ambulance Hiring Portal Admin Login Page login.php sql injectionVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3085306958
accepted
258677PHPGurukul Emergency Ambulance Hiring Portal Hire an Ambulance Page cross site scriptingVulDBVulDB03/29/202403/29/202403/29/2024CVE-2024-3084306957
accepted
258613EasyCorp EasyAdmin Autocomplete autocomplete.js cross site scriptingVulDBVulDB03/29/202403/29/2024CVE-2024-3081
 
accepted
258611Qdrant Full Snapshot REST API snapshots.rs path traversalVulDBVulDB03/29/202403/29/2024CVE-2024-3078
 
accepted
258431SourceCodester Simple Subscription Website manage_user.php sql injectionVulDBVulDB03/28/202403/28/202403/28/2024CVE-2024-3042306119
accepted
258430Netentsec NS-ASG Application Security Gateway listloginfo.php sql injectionVulDBVulDB03/21/202403/28/202403/28/2024CVE-2024-3041302342
accepted
258429Netentsec NS-ASG Application Security Gateway list_crl_conf sql injectionVulDBVulDB03/21/202403/28/202403/28/2024CVE-2024-3040302340
accepted
258426Shanghai Brad Technology BladeX API export-user sql injectionVulDBVulDB03/20/202403/28/202403/28/2024CVE-2024-3039301469
accepted
258333appneta tcpreplay get.c get_layer4_v6 heap-based overflowVulDBVulDB03/13/202403/27/202403/27/2024CVE-2024-3024297866
accepted
258301SourceCodester Simple Subscription Website manage_plan.php sql injectionVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3015305649
accepted
258300SourceCodester Simple Subscription Website Actions.php sql injectionVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3014305648
accepted
258299FLIR AX8 User Registration improper authorizationVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3013301588
accepted
258298Tenda FH1205 GetParentControlInfo stack-based overflowVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3012301491
accepted
258297Tenda FH1205 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3011301490
accepted
258296Tenda FH1205 setcfm formSetCfm stack-based overflowVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3010301489
accepted
258295Tenda FH1205 WriteFacMac formWriteFacMac command injectionVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3009301488
accepted
258294Tenda FH1205 execCommand formexeCommand stack-based overflowVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3008301487
accepted
258293Tenda FH1205 NatStaticSetting fromNatStaticSetting stack-based overflowVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3007301486
accepted
258292Tenda FH1205 fromRouteStatic fromSetRouteStatic stack-based overflowVulDBVulDB03/20/202403/27/202403/27/2024CVE-2024-3006301485
accepted
258206code-projects Online Book System Product.php cross site scriptingVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3004305059
accepted
258205code-projects Online Book System cart.php sql injectionVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3003305057
accepted
258204code-projects Online Book System description.php sql injectionVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3002305056
accepted
258203code-projects Online Book System Product.php sql injectionVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3001305055
accepted
258202code-projects Online Book System index.php sql injectionVulDBVulDB03/27/202403/27/202403/27/2024CVE-2024-3000305052
accepted
258201Campcodes Online Art Gallery Management System adminHome.php sql injectionVulDBVulDB03/26/202403/27/202403/27/2024CVE-2024-2999304765
accepted
258200Bdtask Multi-Store Inventory Management System Store Update Page cross site scriptingVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2998301381
accepted
258199Bdtask Multi-Store Inventory Management System cross site scriptingVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2997301380
accepted
258198Bdtask Multi-Store Inventory Management System Page Title cross site scriptingVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2996301376
accepted
258197NUUO Camera deletefile.php denial of serviceVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2995301068
accepted
258163Tenda FH1203 GetParentControlInfo stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2994301373
accepted
258162Tenda FH1203 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2993301372
accepted
258161Tenda FH1203 setcfm formSetCfm stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2992301371
accepted
258160Tenda FH1203 WriteFacMac formWriteFacMac command injectionVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2991301366
accepted
258159Tenda FH1203 execCommand formexeCommand stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2990301365
accepted
258158Tenda FH1203 NatStaticSetting fromNatStaticSetting stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2989301364
accepted
258157Tenda FH1203 fromRouteStatic fromSetRouteStatic stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2988301363
accepted
258156Tenda FH1202 GetParentControlInfo stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2987301285
accepted
258155Tenda FH1202 SetSpeedWan formSetSpeedWan stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2986301284
accepted
258154Tenda FH1202 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2985301276
accepted
258153Tenda FH1202 setcfm formSetCfm stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2984301275
accepted
258152Tenda FH1202 SetClientState formSetClientState stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2983301274
accepted
258151Tenda FH1202 WriteFacMac formWriteFacMac command injectionVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2982301273
accepted
258150Tenda FH1202 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2981301272
accepted
258149Tenda FH1202 execCommand formexeCommand stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2980301270
accepted
258148Tenda F1203 openSchedWifi setSchedWifi stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2979301030
accepted
258147Tenda F1203 setcfm formSetCfm stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2978301029
accepted
258146Tenda F1203 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2977301028
accepted
258145Tenda F1203 execCommand R7WebsSecurityHandler stack-based overflowVulDBVulDB03/19/202403/27/202403/27/2024CVE-2024-2976300997
accepted
258036Campcodes Online Examination System updateExaminee.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2945304762
accepted
258035Campcodes Online Examination System deleteCourseExe.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2944304760
accepted
258034Campcodes Online Examination System deleteExamExe.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2943304759
accepted
258033Campcodes Online Examination System deleteQuestionExe.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2942304758
accepted
258032Campcodes Online Examination System loginExe.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2941304757
accepted
258031Campcodes Online Examination System updateCourse.php cross site scriptingVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2940304748
accepted
258030Campcodes Online Examination System updateExaminee.php cross site scriptingVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2939304747
accepted
258029Campcodes Online Examination System updateCourse.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2938304746
accepted
258014SourceCodester Todo List in Kanban Board Add ToDo cross site scriptingVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2935304678
accepted
258013SourceCodester Todo List in Kanban Board delete-todo.php sql injectionVulDBVulDB03/26/202403/26/202403/26/2024CVE-2024-2934304677
accepted
258012SourceCodester Online Chatting System update_room.php sql injectionVulDBVulDB03/25/202403/26/202403/26/2024CVE-2024-2932304257
accepted
258001SourceCodester Music Gallery Site unrestricted uploadVulDBVulDB03/25/202403/26/202403/26/2024CVE-2024-2930304234
accepted
258000code-projects Mobile Shop Login Page Details.php sql injectionVulDBVulDB03/25/202403/26/202403/26/2024CVE-2024-2927304053
accepted
257983Campcodes House Rental Management System index.php file inclusionVulDBVulDB03/24/202403/26/202403/26/2024CVE-2024-2917303672
accepted
257982Campcodes House Rental Management System ajax.php sql injectionVulDBVulDB03/24/202403/26/202403/26/2024CVE-2024-2916303671
accepted
257979Tianjin PubliCMS cross-site request forgeryVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2911300339
accepted
257978Ruijie RG-EG350 HTTP POST Request vpnAction os command injectionVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2910300372
accepted
257977Ruijie RG-EG350 HTTP POST Request setAction os command injectionVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2909300368
accepted
257946Tenda AC7 GetParentControlInfo stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2903300452
accepted
257945Tenda AC7 WifiGuestSet fromSetWifiGusetBasic stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2902300449
accepted
257944Tenda AC7 openSchedWifi setSchedWifi stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2901300367
accepted
257943Tenda AC7 saveParentControlInfo stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2900300364
accepted
257942Tenda AC7 WifiExtraSet fromSetWirelessRepeat stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2899300362
accepted
257941Tenda AC7 SetStaticRouteCfg fromSetRouteStatic stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2898300361
accepted
257940Tenda AC7 WriteFacMac formWriteFacMac os command injectionVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2897300360
accepted
257939Tenda AC7 WifiWpsStart formWifiWpsStart stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2896300359
accepted
257938Tenda AC7 WifiWpsOOB formWifiWpsOOB stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2895300358
accepted
257937Tenda AC7 SetNetControlList formSetQosBand stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2894300357
accepted
257936Tenda AC7 SetOnlineDevName formSetDeviceName stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2893300356
accepted
257935Tenda AC7 setcfm formSetCfm stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2892300355
accepted
257934Tenda AC7 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/18/202403/26/202403/26/2024CVE-2024-2891300354
accepted
257780Tenda AC10 SetSysTimeCfg fromSetSysTime stack-based overflowVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2856299741
accepted
257779Tenda AC15 SetSysTimeCfg fromSetSysTime stack-based overflowVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2855299739
accepted
257778Tenda AC18 setsambacfg formSetSambaConf os command injectionVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2854299709
accepted
257777Tenda AC10U setsambacfg formSetSambaConf os command injectionVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2853299707
accepted
257776Tenda AC15 saveParentControlInfo stack-based overflowVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2852299697
accepted
257775Tenda AC15 setsambacfg formSetSambaConf os command injectionVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2851299687
accepted
257774Tenda AC15 saveParentControlInfo stack-based overflowVulDBVulDB03/16/202403/23/202403/23/2024CVE-2024-2850299686
accepted
257770SourceCodester Simple File Manager unrestricted uploadVulDBVulDB03/22/202403/22/202403/22/2024CVE-2024-2849303123
accepted
257752Campcodes Online Shopping System offersmail.php cross site scriptingVulDBVulDB03/22/202403/22/202403/22/2024CVE-2024-2832302978
accepted
257718lakernote EasyAdmin IndexController.java thumbnail server-side request forgeryVulDBVulDB03/16/202403/22/202403/22/2024CVE-2024-2828299512
accepted
257717lakernote EasyAdmin saveReportFile server-side request forgeryVulDBVulDB03/15/202403/22/202403/22/2024CVE-2024-2827299169
accepted
257716lakernote EasyAdmin saveReportFile xml external entity referenceVulDBVulDB03/22/202403/22/2024CVE-2024-2826
 
accepted
257715lakernote EasyAdmin saveReportFile path traversalVulDBVulDB03/22/202403/22/2024CVE-2024-2825
 
accepted
257711Matthias-Wandel jhead exif.c PrintFormatNumber heap-based overflowVulDBVulDB03/15/202403/22/202403/22/2024CVE-2024-2824299088
accepted
257710DedeCMS mda_main.php cross-site request forgeryVulDBVulDB03/15/202403/22/202403/22/2024CVE-2024-2823299110
accepted
257709DedeCMS vote_edit.php cross-site request forgeryVulDBVulDB03/14/202403/22/202403/22/2024CVE-2024-2822298584
accepted
257708DedeCMS friendlink_edit.php cross-site request forgeryVulDBVulDB03/14/202403/22/202403/22/2024CVE-2024-2821298582
accepted
257707DedeCMS baidunews.php cross-site request forgeryVulDBVulDB03/14/202403/22/202403/22/2024CVE-2024-2820298581
accepted
257672Tenda AC15 SysToolRestoreSet fromSysToolRestoreSet cross-site request forgeryVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2817298702
accepted
257671Tenda AC15 SysToolReboot fromSysToolReboot cross-site request forgeryVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2816298701
accepted
257670Tenda AC15 Cookie execCommand R7WebsSecurityHandler stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2815298672
accepted
257669Tenda AC15 DhcpListClient fromDhcpListClient stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2814298608
accepted
257668Tenda AC15 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2813298604
accepted
257667Tenda AC15 WriteFacMac formWriteFacMac os command injectionVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2812298603
accepted
257666Tenda AC15 WifiWpsStart formWifiWpsStart stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2811298602
accepted
257665Tenda AC15 WifiWpsOOB formWifiWpsOOB stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2810298601
accepted
257664Tenda AC15 SetFirewallCfg formSetFirewallCfg stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2809298600
accepted
257663Tenda AC15 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2808298596
accepted
257662Tenda AC15 expandDlnaFile formExpandDlnaFile stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2807298593
accepted
257661Tenda AC15 addWifiMacFilter stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2806298591
accepted
257660Tenda AC15 SetSpeedWan formSetSpeedWan stack-based overflowVulDBVulDB03/14/202403/21/202403/21/2024CVE-2024-2805298590
accepted
257614Campcodes Online Marriage Registration System admin-profile.php cross site scriptingVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2780302433
accepted
257613Campcodes Online Marriage Registration System application-bwdates-reports-details.php cross site scriptingVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2779302432
accepted
257612Campcodes Online Marriage Registration System search.php cross site scriptingVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2778302431
accepted
257611Campcodes Online Marriage Registration System application-bwdates-reports-details.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2777302430
accepted
257610Campcodes Online Marriage Registration System search.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2776302429
accepted
257609Campcodes Online Marriage Registration System user-profile.php cross site scriptingVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2775302407
accepted
257608Campcodes Online Marriage Registration System search.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2774302406
accepted
257607Campcodes Online Marriage Registration System search.php cross site scriptingVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2773302405
accepted
257606Campcodes Complete Online Beauty Parlor Management System contact-us.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2770302367
accepted
257605Campcodes Complete Online Beauty Parlor Management System admin-profile.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2769302366
accepted
257604Campcodes Complete Online Beauty Parlor Management System edit-services.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2768302365
accepted
257603Campcodes Complete Online Beauty Parlor Management System forgot-password.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2767302364
accepted
257602Campcodes Complete Online Beauty Parlor Management System index.php sql injectionVulDBVulDB03/21/202403/21/202403/21/2024CVE-2024-2766302363
accepted
257601Tenda AC10U SetPptpServerCfg formSetPPTPServer stack-based overflowVulDBVulDB03/13/202403/21/202403/21/2024CVE-2024-2764297908
accepted
257600Tenda AC10U setcfm formSetCfm stack-based overflowVulDBVulDB03/13/202403/21/202403/21/2024CVE-2024-2763297895
accepted
257544SourceCodester Complete E-Commerce Site users_photo.php unrestricted uploadVulDBVulDB03/20/202403/21/202403/21/2024CVE-2024-2754302026
accepted
257473Campcodes Complete Online DJ Booking System aboutus.php cross site scriptingVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2720301512
accepted
257472Campcodes Complete Online DJ Booking System admin-profile.php cross site scriptingVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2719301510
accepted
257471Campcodes Complete Online DJ Booking System booking-bwdates-reports-details.php cross site scriptingVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2718301509
accepted
257470Campcodes Complete Online DJ Booking System booking-search.php cross site scriptingVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2717301508
accepted
257469Campcodes Complete Online DJ Booking System contactus.php cross site scriptingVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2716301507
accepted
257468Campcodes Complete Online DJ Booking System user-search.php cross site scriptingVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2715301506
accepted
257467Campcodes Complete Online DJ Booking System booking-bwdates-reports-details.php sql injectionVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2714301504
accepted
257466Campcodes Complete Online DJ Booking System booking-search.php sql injectionVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2713301503
accepted
257465Campcodes Complete Online DJ Booking System user-search.php sql injectionVulDBVulDB03/20/202403/20/202403/20/2024CVE-2024-2712301502
accepted
257462Tenda AC10U addWifiMacFilter stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2711297741
accepted
257461Tenda AC10U openSchedWifi setSchedWifi stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2710297730
accepted
257460Tenda AC10U SetStaticRouteCfg fromSetRouteStatic stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2709297728
accepted
257459Tenda AC10U execCommand formexeCommand stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2708297727
accepted
257458Tenda AC10U WriteFacMac formWriteFacMac os command injectionVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2707297721
accepted
257457Tenda AC10U WifiWpsStart formWifiWpsStart stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2706297719
accepted
257456Tenda AC10U SetNetControlList formSetQosBand stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2705297715
accepted
257455Tenda AC10U SetFirewallCfg formSetFirewallCfg stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2704297714
accepted
257454Tenda AC10U SetOnlineDevName formSetDeviceName stack-based overflowVulDBVulDB03/13/202403/20/202403/20/2024CVE-2024-2703297704
accepted
257388SourceCodester Online Discussion Forum Site uupdate.php unrestricted uploadVulDBVulDB03/19/202403/19/202403/19/2024CVE-2024-2690301361
accepted
257387Campcodes Online Job Finder System index.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2687300481
accepted
257386Campcodes Online Job Finder System controller.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2686300480
accepted
257385Campcodes Online Job Finder System index.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2685300456
accepted
257384Campcodes Online Job Finder System index.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2684300455
accepted
257383Campcodes Online Job Finder System index.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2683300454
accepted
257382Campcodes Online Job Finder System controller.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2682300453
accepted
257381Campcodes Online Job Finder System index.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2681300451
accepted
257380Campcodes Online Job Finder System index.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2680300450
accepted
257379Campcodes Online Job Finder System index.php cross site scriptingVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2679300448
accepted
257378Campcodes Online Job Finder System controller.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2678300447
accepted
257377Campcodes Online Job Finder System controller.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2677300443
accepted
257376Campcodes Online Job Finder System controller.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2676300438
accepted
257375Campcodes Online Job Finder System index.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2675300437
accepted
257374Campcodes Online Job Finder System index.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2674300436
accepted
257373Campcodes Online Job Finder System login.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2673300435
accepted
257372Campcodes Online Job Finder System controller.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2672300434
accepted
257371Campcodes Online Job Finder System index.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2671300433
accepted
257370Campcodes Online Job Finder System index.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2670300432
accepted
257369Campcodes Online Job Finder System GET Parameter controller.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2669300431
accepted
257368Campcodes Online Job Finder System controller.php sql injectionVulDBVulDB03/18/202403/19/202403/19/2024CVE-2024-2668300439
accepted
257287Netentsec NS-ASG Application Security Gateway deleteonlineuser.php sql injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2649296986
accepted
257286Netentsec NS-ASG Application Security Gateway naccheck.php xpath injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2648296965
accepted
257285Netentsec NS-ASG Application Security Gateway singlelogin.php sql injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2647296945
accepted
257284Netentsec NS-ASG Application Security Gateway sql injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2646296944
accepted
257283Netentsec NS-ASG Application Security Gateway resetpwd.php xpath injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2645296942
accepted
257282Netentsec NS-ASG Application Security Gateway addfirewall.php sql injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2644296938
accepted
257281Ruijie RG-NBS2009G-P EXCU_SHELL command injectionVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2642296829
accepted
257280Ruijie RG-NBS2009G-P Password passwdManage.htm improper authorizationVulDBVulDB03/12/202403/19/202403/19/2024CVE-2024-2641296828
accepted
257245Bdtask Wholesale Inventory Management System session fixiationVulDBVulDB03/11/202403/19/202403/19/2024CVE-2024-2639296304
accepted
257199Fujian Kelixin Communication Command and Dispatch Platform editemedia.php sql injectionVulDBVulDB03/18/202403/18/202403/18/2024CVE-2024-2622300304
accepted
257198Fujian Kelixin Communication Command and Dispatch Platform pwd_update.php sql injectionVulDBVulDB03/18/202403/18/202403/18/2024CVE-2024-2621300294
accepted
257197Fujian Kelixin Communication Command and Dispatch Platform down_file.php sql injectionVulDBVulDB03/18/202403/18/202403/18/2024CVE-2024-2620300236
accepted
257182SourceCodester File Manager App update-file.php unrestricted uploadVulDBVulDB03/17/202403/18/202403/19/2024CVE-2024-2604300038
accepted
257081Tenda AC10 SetStaticRouteCfg fromSetRouteStatic stack-based overflowVulDBVulDB03/09/202403/17/202403/17/2024CVE-2024-2581295689
accepted
257080SourceCodester Employee Task Management System update-employee.php authorizationVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2577299786
accepted
257079SourceCodester Employee Task Management System update-admin.php authorizationVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2576299785
accepted
257078SourceCodester Employee Task Management System task-details.php authorizationVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2575299784
accepted
257077SourceCodester Employee Task Management System edit-task.php authorizationVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2574299775
accepted
257076SourceCodester Employee Task Management System task-info.php redirectVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2573299774
accepted
257075SourceCodester Employee Task Management System task-details.php redirectVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2572299773
accepted
257074SourceCodester Employee Task Management System manage-admin.php redirectVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2571299772
accepted
257073SourceCodester Employee Task Management System edit-task.php redirectVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2570299771
accepted
257072SourceCodester Employee Task Management System admin-manage-user.php redirectVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2569299770
accepted
257071heyewei JFinalCMS Custom Data Page sql injectionVulDBVulDB03/16/202403/17/202403/17/2024CVE-2024-2568299736
accepted
257070jurecapuder AndroidWeatherApp Backup File androidmanifest.xml backupVulDBVulDB03/10/202403/17/202403/17/2024CVE-2024-2567296069
accepted
257065Fujian Kelixin Communication Command and Dispatch Platform get_extension_yl.php sql injectionVulDBVulDB03/13/202403/16/202403/16/2024CVE-2024-2566297627
accepted
257064PandaXGO PandaX File Extension upload.go unrestricted uploadVulDBVulDB03/10/202403/16/202403/16/2024CVE-2024-2565295981
accepted
257063PandaXGO PandaX user.go ExportUser path traversalVulDBVulDB03/10/202403/16/202403/16/2024CVE-2024-2564295980
accepted
257062PandaXGO PandaX upload.go DeleteImage path traversalVulDBVulDB03/10/202403/16/202403/16/2024CVE-2024-2563295973
accepted
257061PandaXGO PandaX role_menu.go InsertRole sql injectionVulDBVulDB03/10/202403/16/202403/16/2024CVE-2024-2562295972
accepted
25706074CMS Company Logo Index.php#sendCompanyLogo unrestricted uploadVulDBVulDB03/07/202403/16/202403/16/2024CVE-2024-2561294871
accepted
257059Tenda AC18 SysToolRestoreSet fromSysToolRestoreSet cross-site request forgeryVulDBVulDB03/08/202403/16/202403/16/2024CVE-2024-2560295360
accepted
257058Tenda AC18 SysToolReboot fromSysToolReboot cross-site request forgeryVulDBVulDB03/08/202403/16/202403/16/2024CVE-2024-2559295359
accepted
257057Tenda AC18 execCommand formexeCommand stack-based overflowVulDBVulDB03/08/202403/16/202403/16/2024CVE-2024-2558295358
accepted
257056kishor-23 Food Waste Management System admin.php improper authorizationVulDBVulDB03/07/202403/16/202403/16/2024CVE-2024-2557294703
accepted
257055SourceCodester Employee Task Management System attendance-info.php sql injectionVulDBVulDB03/15/202403/16/202403/16/2024CVE-2024-2556299164
accepted
257054SourceCodester Employee Task Management System update-admin.php sql injectionVulDBVulDB03/15/202403/16/202403/16/2024CVE-2024-2555298976
accepted
257053SourceCodester Employee Task Management System update-employee.php sql injectionVulDBVulDB03/15/202403/16/202403/16/2024CVE-2024-2554298974
accepted
257052SourceCodester Product Review Rating System Rate Product cross site scriptingVulDBVulDB03/14/202403/16/202403/26/2024CVE-2024-2553298886
accepted
257000Tenda AC18 R7WebsSecurityHandler stack-based overflowVulDBVulDB03/07/202403/15/202403/15/2024CVE-2024-2547294838
accepted
256999Tenda AC18 fromSetWirelessRepeat stack-based overflowVulDBVulDB03/07/202403/15/202403/16/2024CVE-2024-2546294836
accepted
256972MAGESH-K21 Online-College-Event-Hall-Reservation-System users.php cross site scriptingVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2535295403
accepted
256971MAGESH-K21 Online-College-Event-Hall-Reservation-System users.php sql injectionVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2534295401
accepted
256970MAGESH-K21 Online-College-Event-Hall-Reservation-System update-users.php cross site scriptingVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2533295229
accepted
256969MAGESH-K21 Online-College-Event-Hall-Reservation-System update-users.php sql injectionVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2532295227
accepted
256968MAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php unrestricted uploadVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2531295226
accepted
256967MAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php cross site scriptingVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2530295225
accepted
256966MAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php unrestricted uploadVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2529295224
accepted
256965MAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php sql injectionVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2528295223
accepted
256964MAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php sql injectionVulDBVulDB03/08/202403/15/202403/15/2024CVE-2024-2527295205
accepted
256963MAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2526294257
accepted
256962MAGESH-K21 Online-College-Event-Hall-Reservation-System receipt.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2525294253
accepted
256961MAGESH-K21 Online-College-Event-Hall-Reservation-System receipt.php sql injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2524294243
accepted
256960MAGESH-K21 Online-College-Event-Hall-Reservation-System booktime.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2523294240
accepted
256959MAGESH-K21 Online-College-Event-Hall-Reservation-System booktime.php sql injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2522294239
accepted
256958MAGESH-K21 Online-College-Event-Hall-Reservation-System bookdate.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2521294238
accepted
256957MAGESH-K21 Online-College-Event-Hall-Reservation-System bookdate.php sql injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2520294236
accepted
256956MAGESH-K21 Online-College-Event-Hall-Reservation-System navbar.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2519294235
accepted
256955MAGESH-K21 Online-College-Event-Hall-Reservation-System book_history.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2518294234
accepted
256954MAGESH-K21 Online-College-Event-Hall-Reservation-System book_history.php sql injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2517294233
accepted
256953MAGESH-K21 Online-College-Event-Hall-Reservation-System home.php sql injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2516294232
accepted
256952MAGESH-K21 Online-College-Event-Hall-Reservation-System home.php cross site scriptingVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2515294231
accepted
256951MAGESH-K21 Online-College-Event-Hall-Reservation-System login.php sql injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2514294230
accepted
256919RaspAP raspap-webgui HTTP POST Request provider.php code injectionVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2497294400
accepted
256897Tenda AC18 openSchedWifi setSchedWifi stack-based overflowVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2490294193
accepted
256896Tenda AC18 SetNetControlList formSetQosBand stack-based overflowVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2489294182
accepted
256895Tenda AC18 SetPptpServerCfg formSetPPTPServer stack-based overflowVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2488294181
accepted
256894Tenda AC18 SetOnlineDevName formSetDeviceName stack-based overflowVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2487294178
accepted
256893Tenda AC18 QuickIndex formQuickIndex stack-based overflowVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2486294166
accepted
256892Tenda AC18 SetSpeedWan formSetSpeedWan stack-based overflowVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2485294159
accepted
256891Surya2Developer Hostel Management Service HTTP POST Request check_availability.php observable response discrepancyVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2482294112
accepted
256890Surya2Developer Hostel Management System manage-students.php access controlVulDBVulDB03/05/202403/15/202403/15/2024CVE-2024-2481293582
accepted
256889Surya2Developer Hostel Management Service Password Change change-password.php cross-site request forgeryVulDBVulDB03/06/202403/15/202403/15/2024CVE-2024-2483294125
accepted
256888MHA Sistemas arMHAzena Executa Page sql injectionVulDBVulDB03/05/202403/15/202403/16/2024CVE-2024-2480293699
accepted
256887MHA Sistemas arMHAzena Cadastro Page cross site scriptingVulDBVulDB03/05/202403/15/202403/16/2024CVE-2024-2479293698
accepted
256886BradWenqiang HR Background Management register selectAll sql injectionVulDBVulDB03/03/202403/15/202403/15/2024CVE-2024-2478292641
accepted
256705SourceCodester Best POS Management System view_order.php sql injectionVulDBVulDB03/13/202403/13/202403/13/2024CVE-2024-2418297680
accepted
256503Gacjie Server Upload.php index unrestricted uploadVulDBVulDB03/04/202403/12/202404/09/2024CVE-2024-2406293104
accepted
256454SourceCodester Employee Management System add-admin.php unrestricted uploadVulDBVulDB03/12/202403/12/202404/08/2024CVE-2024-2394296822
accepted
256453SourceCodester CRUD without Page Reload add_user.php sql injectionVulDBVulDB03/11/202403/12/202404/08/2024CVE-2024-2393296430
accepted
256442EVE-NG Lab cross site scriptingVulDBVulDB03/03/202403/12/202404/08/2024CVE-2024-2391292637
accepted
256321Musicshelf SHA-1 PinningTrustManager.java weak password hashVulDBVulDB03/10/202403/10/202404/08/2024CVE-2024-2365296043
accepted
256320Musicshelf Backup androidmanifest.xml backupVulDBVulDB03/10/202403/10/202404/08/2024CVE-2024-2364296027
accepted
256318AOL AIM Triton Invite denial of serviceVulDBVulDB03/03/202403/10/202404/08/2024CVE-2024-2363292638
accepted
256315keerti1924 Secret-Coder-PHP-Project secret_coder.sql sensitive information in sourceVulDBVulDB02/28/202403/09/202404/08/2024CVE-2024-2355289387
accepted
256314Dreamer CMS toEdit cross-site request forgeryVulDBVulDB03/02/202403/09/202404/08/2024CVE-2024-2354291961
accepted
256313Totolink X6000R shttpd cstecgi.cgi setDiagnosisCfg os command injectionVulDBVulDB03/02/202403/09/202404/08/2024CVE-2024-2353291911
accepted
2563041Panel swap baseApi.UpdateDeviceSwap command injectionVulDBVulDB03/09/202403/09/202404/08/2024CVE-2024-2352295611
accepted
256303CodeAstro Ecommerce Site Search action.php sql injectionVulDBVulDB03/08/202403/09/202404/08/2024CVE-2024-2351295330
accepted
256284CodeAstro Membership Management System add_members.php sql injectionVulDBVulDB03/05/202403/08/202404/08/2024CVE-2024-2333293458
accepted
256283SourceCodester Online Mobile Management Store HTTP GET Request manage_category.php sql injectionVulDBVulDB03/05/202403/08/202404/08/2024CVE-2024-2332293403
accepted
256282SourceCodester Tourist Reservation System System.cpp ad_writedata buffer overflowVulDBVulDB03/04/202403/08/202404/08/2024CVE-2024-2331293125
accepted
256281Netentsec NS-ASG Application Security Gateway index.php sql injectionVulDBVulDB02/28/202403/08/202404/08/2024CVE-2024-2330289540
accepted
256280Netentsec NS-ASG Application Security Gateway sql injectionVulDBVulDB02/28/202403/08/202404/08/2024CVE-2024-2329289539
accepted
256272ZKTeco ZKBio Media Service Port 9999 download path traversalVulDBVulDB02/26/202403/08/202404/08/2024CVE-2024-2318288530
accepted
256271Bdtask Hospital AutoManager Prescription Page improper authorizationVulDBVulDB02/27/202403/08/202404/08/2024CVE-2024-2317288753
accepted
256270Bdtask Hospital AutoManager Update Bill Page cross-site request forgeryVulDBVulDB02/27/202403/08/202404/08/2024CVE-2024-2316288752
accepted
256052boyiddha Automated-Mess-Management-System member_edit.php cross site scriptingVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2285288300
accepted
256051boyiddha Automated-Mess-Management-System Chat Book chat.php cross site scriptingVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2284288296
accepted
256050boyiddha Automated-Mess-Management-System view.php sql injectionVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2283288293
accepted
256049boyiddha Automated-Mess-Management-System Login Page index.php sql injectionVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2282288282
accepted
256048boyiddha Automated-Mess-Management-System Setting index.php access controlVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2281288270
accepted
256046Bdtask G-Prescription Gynaecology & OBS Consultation Software Password Reset change_password_save cross-site request forgeryVulDBVulDB02/22/202403/07/202404/05/2024CVE-2024-2277286410
accepted
256045Bdtask G-Prescription Gynaecology & OBS Consultation Software Edit Venue Page cross site scriptingVulDBVulDB02/22/202403/07/202404/05/2024CVE-2024-2276286402
accepted
256044Bdtask G-Prescription Gynaecology & OBS Consultation Software OBS Patient/Gynee Prescription cross site scriptingVulDBVulDB03/07/202404/05/2024CVE-2024-2275
 
accepted
256043Bdtask G-Prescription Gynaecology & OBS Consultation Software Prescription Dashboard Index cross site scriptingVulDBVulDB03/07/202404/05/2024CVE-2024-2274
 
accepted
256042keerti1924 Online-Book-Store-Website HTTP POST Request home.php sql injectionVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2272288211
accepted
256041keerti1924 Online-Book-Store-Website HTTP POST Request shop.php sql injectionVulDBVulDB02/26/202403/07/202404/05/2024CVE-2024-2271288209
accepted
256040keerti1924 Online-Book-Store-Website signup.php cross site scriptingVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2270287778
accepted
256039keerti1924 Online-Book-Store-Website search.php sql injectionVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2269287777
accepted
256038keerti1924 Online-Book-Store-Website unrestricted uploadVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2268287775
accepted
256037keerti1924 Online-Book-Store-Website shop.php logic errorVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2267287770
accepted
256036keerti1924 Secret-Coder-PHP-Project Login Page login.php cross site scriptingVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2266287716
accepted
256035keerti1924 PHP-MYSQL-User-Login-System login.sql sensitive information in sourceVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2265287651
accepted
256034keerti1924 PHP-MYSQL-User-Login-System login.php sql injectionVulDBVulDB02/25/202403/07/202404/05/2024CVE-2024-2264287648
accepted
255678SourceCodester Online Tours & Travels Management System HTTP POST Request expense_category.php sql injectionVulDBVulDB03/03/202403/04/202404/04/2024CVE-2024-2168292636
accepted
255588SourceCodester Best POS Management System admin_class.php sql injectionVulDBVulDB03/03/202403/03/202404/04/2024CVE-2024-2156292579
accepted
255587SourceCodester Best POS Management System index.php file inclusionVulDBVulDB03/03/202403/03/202404/04/2024CVE-2024-2155292463
accepted
255586SourceCodester Online Mobile Management Store view_product.php sql injectionVulDBVulDB03/03/202403/03/202404/04/2024CVE-2024-2154292359
accepted
255585SourceCodester Online Mobile Management Store view_order.php sql injectionVulDBVulDB03/03/202403/03/202404/04/2024CVE-2024-2153292353
accepted
255584SourceCodester Online Mobile Management Store manage_product.php sql injectionVulDBVulDB03/03/202403/03/202404/04/2024CVE-2024-2152292351
accepted
255583SourceCodester Online Mobile Management Store Product Price logic errorVulDBVulDB03/03/202403/03/202404/04/2024CVE-2024-2151292348
accepted
255503SourceCodester Insurance Management System file inclusionVulDBVulDB03/02/202403/02/202404/04/2024CVE-2024-2150291951
accepted
255502CodeAstro Membership Management System settings.php sql injectionVulDBVulDB03/01/202403/02/202404/04/2024CVE-2024-2149291452
accepted
255501SourceCodester Online Mobile Management Store Users.php unrestricted uploadVulDBVulDB03/01/202403/02/202404/04/2024CVE-2024-2148291451
accepted
255500SourceCodester Online Mobile Management Store login.php sql injectionVulDBVulDB03/01/202403/02/202404/04/2024CVE-2024-2147291450
accepted
255499SourceCodester Online Mobile Management Store ?p=products cross site scriptingVulDBVulDB03/01/202403/02/202404/04/2024CVE-2024-2146291445
accepted
255498SourceCodester Online Mobile Management Store update-tracker.php cross site scriptingVulDBVulDB03/01/202403/02/202404/04/2024CVE-2024-2145291433
accepted
255497Bdtask Hospital AutoManager Hospital Activities Page form cross site scriptingVulDBVulDB02/24/202403/02/202404/04/2024CVE-2024-2135287456
accepted
255496Bdtask Hospital AutoManager Investigation Report cross-site request forgeryVulDBVulDB02/24/202403/02/202404/04/2024CVE-2024-2134287453
accepted
255495Bdtask Isshue Multi Store eCommerce Shopping Cart Solution Manage Sale Page manage_invoice cross site scriptingVulDBVulDB02/22/202403/02/202404/04/2024CVE-2024-2133286401
accepted
255393SourceCodester Simple Online Bidding System index.php sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2077290939
accepted
255392CodeAstro House Rental Management System tenant.php missing authenticationVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2076290857
accepted
255391SourceCodester Daily Habit Tracker update-tracker.php cross site scriptingVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2075290848
accepted
255389Mini-Tmall 1 sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2074290834
accepted
255388SourceCodester Block Inserter for Dynamic Content view_post.php sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2073290791
accepted
255387SourceCodester Flashcard Quiz App update-flashcard.php cross site scriptingVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2072290263
accepted
255386SourceCodester FAQ Management System Update FAQ cross site scriptingVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2071290273
accepted
255385SourceCodester FAQ Management System add-faq.php cross site scriptingVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2070290235
accepted
255384SourceCodester FAQ Management System delete-faq.php sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2069290224
accepted
255383SourceCodester Computer Inventory System update-computer.php cross site scriptingVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2068289943
accepted
255382SourceCodester Computer Inventory System delete-computer.php sql injectionVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2067289940
accepted
255381SourceCodester Computer Inventory System add-computer.php cross site scriptingVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2066289932
accepted
255380SourceCodester Barangay Population Monitoring System update-resident.php cross site scriptingVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2065289926
accepted
255379rahman SelectCours Template CacheController.java getCacheNames injectionVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2064289790
accepted
255378SourceCodester Petrol Pump Management Software profile_crud.php cross site scriptingVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2063290794
accepted
255377SourceCodester Petrol Pump Management Software edit_categories.php sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2062290659
accepted
255376SourceCodester Petrol Pump Management Software edit_supplier.php sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2061290516
accepted
255375SourceCodester Petrol Pump Management Software login_crud.php sql injectionVulDBVulDB02/29/202403/01/202404/03/2024CVE-2024-2060290513
accepted
255374SourceCodester Petrol Pump Management Software service_crud.php unrestricted uploadVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2059289555
accepted
255373SourceCodester Petrol Pump Management Software product.php unrestricted uploadVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2058289522
accepted
255372LangChain langchain_community TFIDFRetriever tfidf.py load_local server-side request forgeryVulDBVulDB02/28/202403/01/202404/03/2024CVE-2024-2057289390
accepted
255301Netentsec NS-ASG Application Security Gateway list_ipAddressPolicy.php sql injectionVulDBVulDB02/22/202402/29/202404/03/2024CVE-2024-2022285963
accepted
255300Netentsec NS-ASG Application Security Gateway list_localuser.php sql injectionVulDBVulDB02/22/202402/29/202404/03/2024CVE-2024-2021285959
accepted
255270ZhiCms setcontroller.php index code injectionVulDBVulDB02/19/202402/29/202404/03/2024CVE-2024-2016284475
accepted
255269ZhiCms mcontroller.php getindexdata sql injectionVulDBVulDB02/29/202404/03/2024CVE-2024-2015
 
accepted
255268Panabit Panalog sprog_upstatus.php sql injectionVulDBVulDB02/21/202402/29/202404/03/2024CVE-2024-2014285255
accepted
255266Nway Pro Argument index.php ajax_login_submit_form information exposureVulDBVulDB02/19/202402/29/202404/03/2024CVE-2024-2009284610
accepted
255265OpenBMB XAgent Privileged Mode sandboxVulDBVulDB02/19/202402/29/202404/03/2024CVE-2024-2007284427
accepted
255128SourceCodester Online Job Portal EditProfile.php cross site scriptingVulDBVulDB02/27/202402/28/202404/03/2024CVE-2024-1972288932
accepted
255127Surya2Developer Online Shopping System POST Parameter login.php sql injectionVulDBVulDB02/27/202402/28/202403/15/2024CVE-2024-1971288927
accepted
255126SourceCodester Online Learning System V2 index.php cross site scriptingVulDBVulDB02/27/202402/28/202403/15/2024CVE-2024-1970288852
accepted
254864SourceCodester Web-Based Student Clearance System Edit User Profile Page edit-admin.php sql injectionVulDBVulDB02/26/202402/27/202403/14/2024CVE-2024-1928288057
accepted
254863SourceCodester Web-Based Student Clearance System login.php sql injectionVulDBVulDB02/26/202402/27/202403/14/2024CVE-2024-1927288037
accepted
254861SourceCodester Free and Open Source Inventory Management System search_sales_report.php sql injectionVulDBVulDB02/26/202402/27/202403/14/2024CVE-2024-1926287953
accepted
254860Ctcms Upsys.php unrestricted uploadVulDBVulDB02/26/202402/27/202403/14/2024CVE-2024-1925287933
accepted
254859CodeAstro Membership Management System get_membership_amount.php sql injectionVulDBVulDB02/26/202402/27/202403/14/2024CVE-2024-1924287879
accepted
254858SourceCodester Simple Student Attendance System List of Classes Page ajax-api.php delete_student sql injectionVulDBVulDB02/25/202402/27/202403/14/2024CVE-2024-1923287769
accepted
254857SourceCodester Online Job Portal Manage Job Page ManageJob.php cross site scriptingVulDBVulDB02/25/202402/27/202403/14/2024CVE-2024-1922287707
accepted
254856osuuu LightPicture Setup.php unrestricted uploadVulDBVulDB02/25/202402/27/202403/14/2024CVE-2024-1921287591
accepted
254855osuuu LightPicture TokenVerify.php handle hard-coded keyVulDBVulDB02/25/202402/27/202403/14/2024CVE-2024-1920287588
accepted
254854SourceCodester Online Job Portal Manage Walkin Page ManageWalkin.php cross site scriptingVulDBVulDB02/25/202402/27/202403/14/2024CVE-2024-1919287559
accepted
254839Byzoro Smart S42 Management Platform userattestation.php unrestricted uploadVulDBVulDB02/19/202402/27/202404/09/2024CVE-2024-1918284382
accepted
254726SourceCodester Employee Management System myprofile.php sql injectionVulDBVulDB02/24/202402/25/202403/14/2024CVE-2024-1878287398
accepted
254725SourceCodester Employee Management System cancel.php sql injectionVulDBVulDB02/24/202402/25/202403/14/2024CVE-2024-1877287397
accepted
254724SourceCodester Employee Management System psubmit.php sql injectionVulDBVulDB02/24/202402/25/202403/14/2024CVE-2024-1876287390
accepted
254723SourceCodester Complaint Management System Lodge Complaint Section register-complaint.php unrestricted uploadVulDBVulDB02/24/202402/25/202403/14/2024CVE-2024-1875287350
accepted
254694SourceCodester Employee Management System Project Assignment Report assignp.php cross site scriptingVulDBVulDB02/23/202402/24/202403/14/2024CVE-2024-1871287010
accepted
254625SourceCodester Simple Student Attendance System ?page=attendance&class_id=1 cross site scriptingVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1834286687
accepted
254624SourceCodester Employee Management System login.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1833286680
accepted
254623SourceCodester Complete File Management System Admin Login Form sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1832286682
accepted
254622SourceCodester Complete File Management System Login Form index.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1831286662
accepted
254618code-projects Library System lost-password.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1830286557
accepted
254617code-projects Library System registration.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1829286556
accepted
254616code-projects Library System registration.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1828286535
accepted
254615code-projects Library System login.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1827286534
accepted
254614code-projects Library System login.php sql injectionVulDBVulDB02/23/202402/23/202403/13/2024CVE-2024-1826286533
accepted
254613CodeAstro House Rental Management System User Registration Page cross site scriptingVulDBVulDB02/22/202402/23/202403/13/2024CVE-2024-1825286169
accepted
254612CodeAstro House Rental Management System signing.php sql injectionVulDBVulDB02/22/202402/23/202403/13/2024CVE-2024-1824286160
accepted
254611CodeAstro Simple Voting System Backend users.php access controlVulDBVulDB02/22/202402/23/202403/13/2024CVE-2024-1823285985
accepted
254610PHPGurukul Tourism Management System user-bookings.php cross site scriptingVulDBVulDB02/20/202402/23/202403/13/2024CVE-2024-1822284939
accepted
254609code-projects Crime Reporting System police_add.php sql injectionVulDBVulDB02/20/202402/23/202403/13/2024CVE-2024-1821284813
accepted
254608code-projects Crime Reporting System inchargelogin.php sql injectionVulDBVulDB02/20/202402/23/202403/13/2024CVE-2024-1820284798
accepted
254607CodeAstro Membership Management System Add Members Tab unrestricted uploadVulDBVulDB02/16/202402/23/202403/13/2024CVE-2024-1819283562
accepted
254606CodeAstro Membership Management System Logo unrestricted uploadVulDBVulDB02/16/202402/23/202403/13/2024CVE-2024-1818283539
accepted
254605Demososo DM Enterprise Website Building System Cookie indexDM_load.php dmlogin improper authenticationVulDBVulDB02/15/202402/23/202403/13/2024CVE-2024-1817282802
accepted
254576D-Link DIR-600M C1 Telnet Service buffer overflowVulDBVulDB02/14/202402/22/202403/13/2024CVE-2024-1786282111
accepted
254575Limbas main_admin.php sql injectionVulDBVulDB02/14/202402/22/202403/13/2024CVE-2024-1784282039
accepted
254574Totolink LR1200GB Web Interface cstecgi.cgi loginAuth stack-based overflowVulDBVulDB02/14/202402/22/202403/13/2024CVE-2024-1783281958
accepted
254573Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injectionVulDBVulDB02/12/202402/22/202403/13/2024CVE-2024-1781280937
accepted
254532TemmokuMVC Image Download images_get_down.php img_replace deserializationVulDBVulDB02/11/202402/22/202403/13/2024CVE-2024-1750280599
accepted
254531Bdtask Bhojon Best Restaurant Management Software Message Page message cross site scriptingVulDBVulDB02/10/202402/22/202403/13/2024CVE-2024-1749280367
accepted
254530van_der_Schaar LAB AutoPrognosis Release Note load_model_from_file deserializationVulDBVulDB02/10/202402/22/202403/13/2024CVE-2024-1748280351
accepted
254397GARO WALLBOX GLB+ T2EV7 Software Update index.jsp#settings cross site scriptingVulDBVulDB02/10/202402/21/202403/13/2024CVE-2024-1707280142
accepted
254396ZKTeco ZKBio Access IVS Department Name Search Bar cross site scriptingVulDBVulDB02/09/202402/21/202403/13/2024CVE-2024-1706280083
accepted
254393Shopwind Installation DefaultController.php actionCreate code injectionVulDBVulDB02/09/202402/21/202403/13/2024CVE-2024-1705280001
accepted
254392ZhongBangKeJi CRMEB crud delete path traversalVulDBVulDB02/07/202402/21/202403/13/2024CVE-2024-1704279058
accepted
254391ZhongBangKeJi CRMEB openfile absolute path traversalVulDBVulDB02/07/202402/21/202403/13/2024CVE-2024-1703279051
accepted
254390keerti1924 PHP-MYSQL-User-Login-System edit.php sql injectionVulDBVulDB02/07/202402/21/202403/13/2024CVE-2024-1702279000
accepted
254389keerti1924 PHP-MYSQL-User-Login-System edit.php access controlVulDBVulDB02/07/202402/21/202403/13/2024CVE-2024-1701278999
accepted
254388keerti1924 PHP-MYSQL-User-Login-System signup.php cross site scriptingVulDBVulDB02/07/202402/21/202403/13/2024CVE-2024-1700278991
accepted
254179Totolink X6000R shadow hard-coded credentialsVulDBVulDB02/02/202402/20/202403/08/2024CVE-2024-1661276572
accepted
253407KDE Plasma Workspace Theme File eventpluginsmanager.cpp enabledPlugins path traversalVulDBVulDB02/11/202403/03/2024CVE-2024-1433
 
accepted
253391DeepFaceLab main.py apply_xseg deserializationVulDBVulDB02/10/202402/10/202403/03/2024CVE-2024-1432280174
accepted
253382Netgear R7000 Web Management Interface debuginfo.htm information disclosureVulDBVulDB02/01/202402/10/202403/03/2024CVE-2024-1431276026
accepted
253381Netgear R7000 Web Management Interface currentsetting.htm information disclosureVulDBVulDB02/01/202402/10/202403/03/2024CVE-2024-1430276025
accepted
253330Linksys WRT54GL Web Management Interface SysInfo1.htm information disclosureVulDBVulDB02/01/202402/09/202403/03/2024CVE-2024-1406276024
accepted
253329Linksys WRT54GL Web Management Interface wlaninfo.htm information disclosureVulDBVulDB02/01/202402/09/202403/03/2024CVE-2024-1405276023
accepted
253328Linksys WRT54GL Web Management Interface SysInfo.htm information disclosureVulDBVulDB02/01/202402/09/202403/03/2024CVE-2024-1404276022
accepted
253226PHPEMS index.api.php index deserializationVulDBVulDB02/08/202402/08/202403/02/2024CVE-2024-1353279560
accepted
253012SourceCodester Product Management System supplier.php cross site scriptingVulDBVulDB02/06/202402/06/202403/01/2024CVE-2024-1269278341
accepted
253011CodeAstro Restaurant POS System update_product.php unrestricted uploadVulDBVulDB02/05/202402/06/202403/01/2024CVE-2024-1268277995
accepted
253010CodeAstro Restaurant POS System create_account.php cross site scriptingVulDBVulDB02/05/202402/06/202403/01/2024CVE-2024-1267277871
accepted
253009CodeAstro University Management System Student Registration Form st_reg.php cross site scriptingVulDBVulDB02/04/202402/06/202403/01/2024CVE-2024-1266277567
accepted
253008CodeAstro University Management System Attendance Management att_add.php cross site scriptingVulDBVulDB02/04/202402/06/202403/01/2024CVE-2024-1265277563
accepted
253003Juanpao JPShop UploadsController.php actionUpdate unrestricted uploadVulDBVulDB02/05/202402/06/202403/01/2024CVE-2024-1264277749
accepted
253002Juanpao JPShop API PosterController.php actionUpdate unrestricted uploadVulDBVulDB02/05/202402/06/202403/01/2024CVE-2024-1263277705
accepted
253001Juanpao JPShop API MaterialController.php actionUpdate unrestricted uploadVulDBVulDB02/05/202402/06/202403/01/2024CVE-2024-1262277681
accepted
253000Juanpao JPShop API ComboController.php actionIndex unrestricted uploadVulDBVulDB02/04/202402/06/202403/01/2024CVE-2024-1261277446
accepted
252999Juanpao JPShop API ComboController.php actionIndex unrestricted uploadVulDBVulDB02/04/202402/06/202403/01/2024CVE-2024-1260277443
accepted
252998Juanpao JPShop API AppController.php unrestricted uploadVulDBVulDB02/04/202402/06/202403/01/2024CVE-2024-1259277432
accepted
252997Juanpao JPShop API params.php hard-coded keyVulDBVulDB02/04/202402/06/202403/01/2024CVE-2024-1258277418
accepted
252996Jspxcms find_text.do cross site scriptingVulDBVulDB02/03/202402/06/202403/01/2024CVE-2024-1257277271
accepted
252995Jspxcms filter_text.do cross site scriptingVulDBVulDB02/03/202402/06/202403/01/2024CVE-2024-1256277270
accepted
252994sepidz SepidzDigitalMenu Waiters information disclosureVulDBVulDB01/29/202402/06/202403/01/2024CVE-2024-1255274640
accepted
252993Byzoro Smart S20 Management Platform sysmanageajax.php sql injectionVulDBVulDB01/27/202402/06/202404/09/2024CVE-2024-1254274042
accepted
252992Byzoro Smart S40 Management Platform Import web.php unrestricted uploadVulDBVulDB01/26/202402/06/202404/09/2024CVE-2024-1253273438
accepted
252991Tongda OA 2017 delete.php sql injectionVulDBVulDB01/26/202402/06/202403/01/2024CVE-2024-1252273433
accepted
252990Tongda OA 2017 delete.php sql injectionVulDBVulDB01/26/202402/06/202403/01/2024CVE-2024-1251273382
accepted
252847QiboSoft QiboCMS X1 Pay.php rmb_pay deserializationVulDBVulDB01/23/202402/05/202402/29/2024CVE-2024-1225271826
accepted
252782SourceCodester CRUD without Page Reload fetch_data.php cross site scriptingVulDBVulDB02/02/202402/02/202402/25/2024CVE-2024-1215276712
accepted
252698Jspxcms information disclosureVulDBVulDB02/01/202402/02/202402/25/2024CVE-2024-1200276106
accepted
252697CodeAstro Employee Task Management System attendance-info.php denial of serviceVulDBVulDB02/01/202402/02/202402/25/2024CVE-2024-1199276077
accepted
252696openBI Phar User.php addxinzhi deserializationVulDBVulDB02/01/202402/02/202402/25/2024CVE-2024-1198276044
accepted
252695SourceCodester Testimonial Page Manager HTTP GET Request delete-testimonial.php sql injectionVulDBVulDB02/01/202402/02/202402/25/2024CVE-2024-1197275997
accepted
252694SourceCodester Testimonial Page Manager HTTP POST Request add-testimonial.php cross site scriptingVulDBVulDB02/01/202402/02/202402/25/2024CVE-2024-1196275996
accepted
252685iTop VPN IOCTL ITopVpnCallbackProcess.sys denial of serviceVulDBVulDB01/23/202402/02/202402/25/2024CVE-2024-1195271587
accepted
252684Armcode AlienIP Locate Host denial of serviceVulDBVulDB01/22/202402/02/202402/25/2024CVE-2024-1194271387
accepted
252683Navicat MySQL Conecction denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1193271378
accepted
252682South River WebDrive New Secure WebDAV denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1192271369
accepted
252681Hyper CdCatalog HCF File denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1191271366
accepted
252680Global Scape CuteFTP denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1190271361
accepted
252679AMPPS Encryption Passphrase denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1189271360
accepted
252678Rizone Soft Notepad3 Encryption Passphrase denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1188271351
accepted
252677Munsoft Easy Outlook Express Recovery Registration Key denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1187271350
accepted
252676Munsoft Easy Archive Recovery Registration Key denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1186271349
accepted
252675Nsasoft NBMonitor Network Bandwidth Monitor Registration denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1185271347
accepted
252674Nsasoft Network Sleuth Registration denial of serviceVulDBVulDB01/22/202402/02/202402/24/2024CVE-2024-1184271346
accepted
252475openBI Screen.php index code injectionVulDBVulDB01/31/202401/31/202402/22/2024CVE-2024-1117275593
accepted
252474openBI Upload.php index unrestricted uploadVulDBVulDB01/31/202401/31/202402/22/2024CVE-2024-1116275532
accepted
252473openBI Setting.php dlfile os command injectionVulDBVulDB01/31/202401/31/202402/22/2024CVE-2024-1115275527
accepted
252472openBI Screen.php dlfile access controlVulDBVulDB01/31/202401/31/202402/22/2024CVE-2024-1114275524
accepted
252471openBI Unity.php uploadUnity unrestricted uploadVulDBVulDB01/31/202401/31/202402/22/2024CVE-2024-1113275512
accepted
252470SourceCodester QR Code Login System add-user.php cross site scriptingVulDBVulDB01/30/202401/31/202402/22/2024CVE-2024-1111275433
accepted
252458CodeAstro Real Estate Management System Feedback Form profile.php cross site scriptingVulDBVulDB01/30/202401/31/202402/22/2024CVE-2024-1103275364
accepted
252456Rebuild read-raw getFileOfData cross site scriptingVulDBVulDB01/30/202401/31/202402/22/2024CVE-2024-1099275055
accepted
252455Rebuild proxy-download QiniuCloud.getStorageFile information disclosureVulDBVulDB01/30/202401/31/202402/22/2024CVE-2024-1098275053
accepted
252311openBI Icon Screen.php uploadIcon unrestricted uploadVulDBVulDB01/29/202401/29/202402/21/2024CVE-2024-1036274628
accepted
252310openBI Icon.php uploadIcon unrestricted uploadVulDBVulDB01/29/202401/29/202402/21/2024CVE-2024-1035274618
accepted
252309openBI File.php uploadFile unrestricted uploadVulDBVulDB01/29/202401/29/202402/21/2024CVE-2024-1034274616
accepted
252308openBI Datament.php agent information disclosureVulDBVulDB01/29/202401/29/202402/21/2024CVE-2024-1033274606
accepted
252307openBI Test Connection Databasesource.php testConnection deserializationVulDBVulDB01/29/202401/29/202402/21/2024CVE-2024-1032274595
accepted
252304CodeAstro Expense Management System Add Expenses Page 5-Add-Expenses.php cross site scriptingVulDBVulDB01/29/202401/29/202402/21/2024CVE-2024-1031274513
accepted
252303Cogites eReserv tenancyDetail.php cross site scriptingVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1030274372
accepted
252302Cogites eReserv tenancyDetail.php cross site scriptingVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1029274366
accepted
252301SourceCodester Facebook News Feed Like Post cross site scriptingVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1028274337
accepted
252300SourceCodester Facebook News Feed Like Post unrestricted uploadVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1027274336
accepted
252293Cogites eReserv config.php cross site scriptingVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1026274335
accepted
252292SourceCodester Facebook News Feed Like New Account cross site scriptingVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1024274334
accepted
252291CodeAstro Simple Student Result Management System Add Class Page add_classes.php cross site scriptingVulDBVulDB01/28/202401/29/202402/21/2024CVE-2024-1022274286
accepted
252290Rebuild HTTP Request readRawText server-side request forgeryVulDBVulDB01/27/202401/29/202402/21/2024CVE-2024-1021273832
accepted
252289Rebuild proxy-download getStorageFile cross site scriptingVulDBVulDB01/27/202401/29/202402/21/2024CVE-2024-1020273831
accepted
252288PbootCMS cross site scriptingVulDBVulDB01/26/202401/29/202402/21/2024CVE-2024-1018273238
accepted
252287Gabriels FTP Server denial of serviceVulDBVulDB01/25/202401/29/202402/21/2024CVE-2024-1017272939
accepted
252286Solar FTP Server PASV Command denial of serviceVulDBVulDB01/25/202401/29/202402/21/2024CVE-2024-1016272935
accepted
252281Wanhu ezOFFICE wf_printnum.jsp sql injectionVulDBVulDB01/25/202401/29/202402/21/2024CVE-2024-1012272869
accepted
252280SourceCodester Employee Management System Leave delete-leave.php access controlVulDBVulDB01/25/202401/29/202402/21/2024CVE-2024-1011272796
accepted
252279SourceCodester Employee Management System edit-profile.php cross site scriptingVulDBVulDB01/24/202401/29/202402/21/2024CVE-2024-1010272497
accepted
252278SourceCodester Employee Management System login.php sql injectionVulDBVulDB01/24/202401/29/202402/21/2024CVE-2024-1009272235
accepted
252277SourceCodester Employee Management System Profile Page edit-photo.php unrestricted uploadVulDBVulDB01/24/202401/29/202402/21/2024CVE-2024-1008272230
accepted
252276SourceCodester Employee Management System edit_profile.php sql injectionVulDBVulDB01/24/202401/29/202402/21/2024CVE-2024-1007272228
accepted
252275Shanxi Diankeyun Technology NODERP Cookie common.php improper authenticationVulDBVulDB01/22/202401/29/202402/21/2024CVE-2024-1006271175
accepted
252274Shanxi Diankeyun Technology NODERP log file accessVulDBVulDB01/22/202401/29/202402/21/2024CVE-2024-1005271141
accepted
252273Totolink N200RE cstecgi.cgi loginAuth stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-1004271002
accepted
252272Totolink N200RE cstecgi.cgi setLanguageCfg stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-1003271001
accepted
252271Totolink N200RE cstecgi.cgi setIpPortFilterRules stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-1002271000
accepted
252270Totolink N200RE cstecgi.cgi main stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-1001270999
accepted
252269Totolink N200RE cstecgi.cgi setTracerouteCfg stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-1000270998
accepted
252268Totolink N200RE cstecgi.cgi setParentalRules stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-0999270997
accepted
252267Totolink N200RE cstecgi.cgi setDiagnosisCfg stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-0998270996
accepted
252266Totolink N200RE cstecgi.cgi setOpModeCfg stack-based overflowVulDBVulDB01/21/202401/29/202402/21/2024CVE-2024-0997270995
accepted
252261Tenda i9 httpd setcfm formSetCfm stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0996270967
accepted
252260Tenda W6 httpd wifiSSIDset formwrlSSIDset stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0995270966
accepted
252259Tenda W6 httpd setcfm formSetCfm stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0994270965
accepted
252258Tenda i6 httpd WifiMacFilterGet formWifiMacFilterGet stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0993270964
accepted
252257Tenda i6 httpd wifiSSIDset formwrlSSIDset stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0992270963
accepted
252256Tenda i6 httpd setcfm formSetCfm stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0991270962
accepted
252255Tenda i6 httpd setAutoPing formSetAutoPing stack-based overflowVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0990270961
accepted
252254Sichuan Yougou Technology KuERP Service.php del_sn_db path traversalVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0989270934
accepted
252253Sichuan Yougou Technology KuERP common.php checklogin improper authenticationVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0988270927
accepted
252252Sichuan Yougou Technology KuERP log neutralization for logsVulDBVulDB01/21/202401/28/202402/21/2024CVE-2024-0987270901
accepted
252251Issabel PBX Asterisk-Cli os command injectionVulDBVulDB01/20/202401/28/202402/21/2024CVE-2024-0986270537
accepted
252206obgm libcoap Configuration File coap_oscore.c get_split_entry stack-based overflowVulDBVulDB01/25/202401/26/202402/20/2024CVE-2024-0962272859
accepted
252205flink-extended ai-flow workflow_command.py cloudpickle.loads deserializationVulDBVulDB01/24/202401/26/202402/19/2024CVE-2024-0960272290
accepted
252204StanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserializationVulDBVulDB01/24/202401/26/202402/19/2024CVE-2024-0959272236
accepted
252203CodeAstro Stock Management System Add Category index.php cross site scriptingVulDBVulDB01/23/202401/26/202402/19/2024CVE-2024-0958271724
accepted
252191NetBox Home Page Configuration config-revisions cross site scriptingVulDBVulDB01/19/202401/26/202402/19/2024CVE-2024-0948270218
accepted
25219060IndexPage Parameter index.php server-side request forgeryVulDBVulDB01/19/202401/26/202402/19/2024CVE-2024-0946270176
accepted
25218960IndexPage Parameter file.php server-side request forgeryVulDBVulDB01/19/202401/26/202402/19/2024CVE-2024-0945270175
accepted
252188Totolink T8 cstecgi.cgi session expirationVulDBVulDB01/18/202401/26/202404/01/2024CVE-2024-0944269681
accepted
252187Totolink N350RT cstecgi.cgi session expirationVulDBVulDB01/18/202401/26/202404/01/2024CVE-2024-0943269680
accepted
252186Totolink N200RE V5 cstecgi.cgi session expirationVulDBVulDB01/18/202401/26/202404/01/2024CVE-2024-0942269679
accepted
252185Novel-Plus list sql injectionVulDBVulDB01/18/202401/26/202402/19/2024CVE-2024-0941269586
accepted
252184Byzoro Smart S210 Management Platform uploadfile.php unrestricted uploadVulDBVulDB01/17/202401/26/202404/09/2024CVE-2024-0939269268
accepted
252183Tongda OA 2017 delete_webmail.php sql injectionVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0938269265
accepted
252182van_der_Schaar LAB synthcity PKL File load_from_file deserializationVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0937269222
accepted
252181van_der_Schaar LAB TemporAI PKL File load_from_file deserializationVulDBVulDB01/16/202401/26/202402/19/2024CVE-2024-0936268318
accepted
252140Niushop B2B2C Upload.php unrestricted uploadVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0933269184
accepted
252139D-Link DIR-816 A2 Web Interface setDeviceSettings os command injectionVulDBVulDB01/16/202401/26/202402/19/2024CVE-2024-0921268419
accepted
252137Tenda AC10U setSmartPowerManagement stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0932269151
accepted
252136Tenda AC10U saveParentControlInfo stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0931269148
accepted
252135Tenda AC10U fromSetWirelessRepeat stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0930269147
accepted
252134Tenda AC10U fromNatStaticSetting stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0929269146
accepted
252133Tenda AC10U fromDhcpListClient stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0928269144
accepted
252132Tenda AC10U fromAddressNat stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0927269131
accepted
252131Tenda AC10U formWifiWpsOOB stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0926269130
accepted
252130Tenda AC10U formSetVirtualSer stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0925269129
accepted
252129Tenda AC10U formSetPPTPServer stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0924269128
accepted
252128Tenda AC10U formSetDeviceName stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0923269125
accepted
252127Tenda AC10U formQuickIndex stack-based overflowVulDBVulDB01/17/202401/26/202402/19/2024CVE-2024-0922269124
accepted
252124TRENDnet TEW-822DRE POST Request admin_ping.htm command injectionVulDBVulDB01/16/202401/26/202402/19/2024CVE-2024-0920268281
accepted
252123TRENDnet TEW-815DAP POST Request do_setNTP command injectionVulDBVulDB01/16/202401/26/202402/19/2024CVE-2024-0919268279
accepted
252122TRENDnet TEW-800MB POST Request os command injectionVulDBVulDB01/16/202401/26/202402/19/2024CVE-2024-0918268198
accepted
252043hongmaple octopus cross site scriptingVulDBVulDB01/23/202401/25/202402/18/2024CVE-2024-0891271596
accepted
252042hongmaple octopus edit sql injectionVulDBVulDB01/23/202401/25/202402/18/2024CVE-2024-0890271591
accepted
252041Kmint21 Golden FTP Server PASV Command denial of serviceVulDBVulDB01/22/202401/25/202402/18/2024CVE-2024-0889271471
accepted
252039BORGChat Service Port 7551 denial of serviceVulDBVulDB01/22/202401/25/202402/18/2024CVE-2024-0888271390
accepted
252038Mafiatic Blue Server Connection denial of serviceVulDBVulDB01/22/202401/25/202402/18/2024CVE-2024-0887271364
accepted
252037Poikosoft EZ CD Audio Converter Activation denial of serviceVulDBVulDB01/22/202401/25/202402/18/2024CVE-2024-0886271345
accepted
252036SpyCamLizard HTTP GET Request denial of serviceVulDBVulDB01/22/202401/25/202402/18/2024CVE-2024-0885271333
accepted
252035SourceCodester Online Tours & Travels Management System payment.php exec sql injectionVulDBVulDB01/25/202401/25/202402/18/2024CVE-2024-0884272844
accepted
252034SourceCodester Online Tours & Travels Management System pay.php prepare sql injectionVulDBVulDB01/22/202401/25/202402/18/2024CVE-2024-0883271295
accepted
252033qwdigital LinkWechat Universal Download Interface resource path traversalVulDBVulDB01/15/202401/25/202402/18/2024CVE-2024-0882267804
accepted
252032Qidianbang qdbcrm Password Reset cross-site request forgeryVulDBVulDB01/14/202401/25/202402/18/2024CVE-2024-0880267558
accepted
251700hongmaple octopus list sql injectionVulDBVulDB01/22/202401/22/202402/16/2024CVE-2024-0784271273
accepted
251699Project Worlds Online Admission System documents.php unrestricted uploadVulDBVulDB01/22/202401/22/202402/16/2024CVE-2024-0783271228
accepted
251698CodeAstro Online Railway Reservation System pass-profile.php cross site scriptingVulDBVulDB01/22/202401/22/202402/16/2024CVE-2024-0782271176
accepted
251697CodeAstro Internet Banking System pages_client_signup.php redirectVulDBVulDB01/22/202401/22/202402/16/2024CVE-2024-0781271159
accepted
251696Uniview ISC 2500-S VM.php setNatConfig os command injectionVulDBVulDB01/16/202401/22/202402/16/2024CVE-2024-0778268415
accepted
251678LinZhaoguan pb-cms Comment cross site scriptingVulDBVulDB01/20/202401/21/202402/16/2024CVE-2024-0776270666
accepted
251677CodeAstro Internet Banking System pages_client_signup.php cross site scriptingVulDBVulDB01/19/202401/21/202402/16/2024CVE-2024-0773270344
accepted
251674Any-Capture Any Sound Recorder Registration memory corruptionVulDBVulDB01/13/202401/21/202402/16/2024CVE-2024-0774267359
accepted
251672Nsasoft ShareAlarmPro Registration memory corruptionVulDBVulDB01/13/202401/21/202402/16/2024CVE-2024-0772267100
accepted
251671Nsasoft Product Key Explorer Registration memory corruptionVulDBVulDB01/13/202401/21/202402/16/2024CVE-2024-0771267097
accepted
251670European Chemicals Agency IUCLID Desktop Installer iuclid6.exe default permissionVulDBVulDB01/12/202401/21/202402/16/2024CVE-2024-0770266901
accepted
251666D-Link DIR-859 HTTP POST Request hedwig.cgi path traversalVulDBVulDB01/15/202401/20/202402/15/2024CVE-2024-0769267965
accepted
251562Hecheng Leadshop leadshop.php deserializationVulDBVulDB01/19/202401/19/202402/15/2024CVE-2024-0739270221
accepted
251561个人开源 mldong DecisionModel.java ExpressionEngine code injectionVulDBVulDB01/19/202401/19/202402/15/2024CVE-2024-0738270092
accepted
251560Xlightftpd Xlight FTP Server Login denial of serviceVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0737270008
accepted
251559EFS Easy File Sharing FTP Login denial of serviceVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0736270006
accepted
251558SourceCodester Online Tours & Travels Management System expense.php exec sql injectionVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0735269771
accepted
251557Smsot get.php sql injectionVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0734269724
accepted
251556Smsot HTTP POST Request api.php sql injectionVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0733269722
accepted
251555PCMan FTP Server STOR Command denial of serviceVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0732269589
accepted
251554PCMan FTP Server PUT Command denial of serviceVulDBVulDB01/18/202401/19/202402/15/2024CVE-2024-0731269587
accepted
251553Project Worlds Online Time Table Generator course_ajax.php sql injectionVulDBVulDB01/16/202401/19/202402/15/2024CVE-2024-0730268619
accepted
251552ForU CMS cms_admin.php sql injectionVulDBVulDB01/16/202401/19/202402/15/2024CVE-2024-0729268418
accepted
251551ForU CMS channel.php file inclusionVulDBVulDB01/19/202402/15/2024CVE-2024-0728
 
accepted
251549Project Worlds Student Project Allocation System Admin Login Module admin_login.php cross site scriptingVulDBVulDB01/15/202401/19/202402/15/2024CVE-2024-0726268045
accepted
251548ProSSHD denial of serviceVulDBVulDB01/15/202401/19/202402/15/2024CVE-2024-0725268014
accepted
251547freeSSHd denial of serviceVulDBVulDB01/15/202401/19/202402/15/2024CVE-2024-0723268010
accepted
251546code-projects Social Networking Site Message Page message.php cross site scriptingVulDBVulDB01/15/202401/19/202402/15/2024CVE-2024-0722267960
accepted
251545Jspxcms Survey Label cross site scriptingVulDBVulDB01/14/202401/19/202402/15/2024CVE-2024-0721267581
accepted
251544FactoMineR FactoInvestigate HTML Report Generator cross site scriptingVulDBVulDB01/11/202401/19/202402/15/2024CVE-2024-0720266282
accepted
251543liuwy-dlsdys zhglxt HTTP POST Request edit cross site scriptingVulDBVulDB01/12/202401/19/202402/15/2024CVE-2024-0718266862
accepted
251542D-Link Good Line Router v2 HTTP GET Request devinfo information disclosureVulDBVulDB01/12/202401/19/202402/15/2024CVE-2024-0717266680
accepted
251541Byzoro Smart S150 Management Platform Backup File download.php information disclosureVulDBVulDB01/10/202401/19/202404/09/2024CVE-2024-0716265177
accepted
251540MiczFlor RPi-Jukebox-RFID HTTP Request userScripts.php os command injectionVulDBVulDB01/09/202401/19/202402/15/2024CVE-2024-0714265104
accepted
251539Monitorr Services Configuration upload.php unrestricted uploadVulDBVulDB01/09/202401/19/202402/15/2024CVE-2024-0713264819
accepted
251538Byzoro Smart S150 Management Platform userattea.php access controlVulDBVulDB01/09/202401/19/202404/09/2024CVE-2024-0712264497
accepted
251481AtroCore AtroPIM Product Series Overview cross site scriptingVulDBVulDB01/09/202401/18/202402/12/2024CVE-2024-0696264641
accepted
251480EFS Easy Chat Server HTTP GET Request denial of serviceVulDBVulDB01/08/202401/18/202402/12/2024CVE-2024-0695264009
accepted
251479EFS Easy File Sharing FTP denial of serviceVulDBVulDB01/08/202401/18/202402/12/2024CVE-2024-0693264008
accepted
251383Novel-Plus list sql injectionVulDBVulDB01/15/202401/17/202402/10/2024CVE-2024-0655267897
accepted
251382DeepFaceLab Util.py deserializationVulDBVulDB01/15/202401/17/202402/10/2024CVE-2024-0654267808
accepted
251378PHPGurukul Company Visitor Management System search-visitor.php cross site scriptingVulDBVulDB01/14/202401/17/202402/10/2024CVE-2024-0652267693
accepted
251377PHPGurukul Company Visitor Management System search-visitor.php sql injectionVulDBVulDB01/14/202401/17/202402/10/2024CVE-2024-0651267692
accepted
251376Project Worlds Visitor Management System URL dataset.php cross site scriptingVulDBVulDB01/14/202401/17/202402/10/2024CVE-2024-0650267691
accepted
251375ZhiHuiYun Search ImageController.php download_network_image server-side request forgeryVulDBVulDB01/14/202401/17/202402/10/2024CVE-2024-0649267650
accepted
251374Yunyou CMS Common.php unrestricted uploadVulDBVulDB01/14/202401/17/202402/10/2024CVE-2024-0648267627
accepted
251373Sparksuite SimpleMDE iFrame cross site scriptingVulDBVulDB01/14/202401/17/202402/10/2024CVE-2024-0647267484
accepted
250839ZhiCms giftcontroller.php deserializationVulDBVulDB01/13/202401/16/202402/06/2024CVE-2024-0603267409
accepted
250838ZhongFuCheng3y Austin Email Message Template AustinFileUtils.java getRemoteUrl2File server-side request forgeryVulDBVulDB01/13/202401/16/202402/06/2024CVE-2024-0601267220
accepted
250837Jspxcms Document Management Page InfoController.java cross site scriptingVulDBVulDB01/13/202401/16/202402/06/2024CVE-2024-0599267201
accepted
250795Totolink X2000R formMapDelDevice command injectionVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0579263721
accepted
250794Totolink LR1200GB cstecgi.cgi UploadCustomModule stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0578263720
accepted
250793Totolink LR1200GB cstecgi.cgi setLanguageCfg stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0577263719
accepted
250792Totolink LR1200GB cstecgi.cgi setIpPortFilterRules stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0576263718
accepted
250791Totolink LR1200GB cstecgi.cgi setTracerouteCfg stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0575263717
accepted
250790Totolink LR1200GB cstecgi.cgi setParentalRules stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0574263716
accepted
250789Totolink LR1200GB cstecgi.cgi setDiagnosisCfg stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0573263715
accepted
250788Totolink LR1200GB cstecgi.cgi setOpModeCfg stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0572263714
accepted
250787Totolink LR1200GB cstecgi.cgi setSmsCfg stack-based overflowVulDBVulDB01/08/202401/16/202402/03/2024CVE-2024-0571263713
accepted
250786Totolink N350RT Setting cstecgi.cgi access controlVulDBVulDB01/08/202401/16/202404/01/2024CVE-2024-0570263655
accepted
250785Totolink T8 Setting cstecgi.cgi getSysStatusCfg information disclosureVulDBVulDB01/08/202401/16/202404/01/2024CVE-2024-0569263653
accepted
250726DedeBIZ makehtml_freelist_action.php sql injectionVulDBVulDB01/07/202401/15/202402/03/2024CVE-2024-0558263440
accepted
250725DedeBIZ Website Copyright Setting cross site scriptingVulDBVulDB01/07/202401/15/202402/03/2024CVE-2024-0557263439
accepted
250718FreeFloat FTP Server SIZE Command denial of serviceVulDBVulDB01/13/202401/14/202402/03/2024CVE-2024-0548267087
accepted
250717Ability FTP Server APPE Command denial of serviceVulDBVulDB01/13/202401/14/202402/03/2024CVE-2024-0547267086
accepted
250715EasyFTP LIST Command denial of serviceVulDBVulDB01/13/202401/14/202402/03/2024CVE-2024-0546267081
accepted
250714CodeCanyon RISE Rise Ultimate Project Manager signin redirectVulDBVulDB01/12/202401/14/202402/03/2024CVE-2024-0545266974
accepted
250713CodeAstro Real Estate Management System propertydetail.php sql injectionVulDBVulDB01/12/202401/14/202402/03/2024CVE-2024-0543266941
accepted
250712Tenda W9 httpd formWifiMacFilterGet stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0542263225
accepted
250711Tenda W9 httpd formAddSysLogRule stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0541263224
accepted
250710Tenda W9 httpd formOfflineSet stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0540263223
accepted
250709Tenda W9 httpd formQosManage_user stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0539263222
accepted
250708Tenda W9 httpd formQosManage_auto stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0538263221
accepted
250707Tenda W9 httpd setWrlBasicInfo stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0537263220
accepted
250706Tenda W9 httpd setWrlAccessList stack-based overflowVulDBVulDB01/06/202401/14/202402/03/2024CVE-2024-0536263219
accepted
250705Tenda PA6 httpd portmap cgiPortMapAdd stack-based overflowVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0535262808
accepted
250704Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflowVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0534262694
accepted
250703Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflowVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0533262692
accepted
250702Tenda A15 Web-based Management Interface WifiExtraSet stack-based overflowVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0532262690
accepted
250701Tenda A15 Web-based Management Interface setBlackRule stack-based overflowVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0531262684
accepted
250700CXBSoft Post-Office HTTP POST Request reg_go.php sql injectionVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0530262658
accepted
250699CXBSoft Post-Office HTTP POST Request login_auth.php sql injectionVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0529262646
accepted
250698CXBSoft Post-Office HTTP POST Request update_go.php sql injectionVulDBVulDB01/05/202401/14/202402/03/2024CVE-2024-0528262640
accepted
250697CXBSoft Url-shorting HTTP POST Request update_go.php sql injectionVulDBVulDB01/04/202401/14/202402/03/2024CVE-2024-0527262351
accepted
250696CXBSoft Url-shorting HTTP POST Request short_to_long.php sql injectionVulDBVulDB01/04/202401/14/202402/03/2024CVE-2024-0526262347
accepted
250695CXBSoft Url-shorting HTTP POST Request long_s_short.php sql injectionVulDBVulDB01/04/202401/14/202402/03/2024CVE-2024-0525262346
accepted
250694CXBSoft Url-shorting index.php sql injectionVulDBVulDB01/04/202401/14/202402/03/2024CVE-2024-0524262341
accepted
250693CmsEasy language_admin.php getslide_child_action sql injectionVulDBVulDB01/04/202401/14/202402/03/2024CVE-2024-0523262312
accepted
250692Allegro RomPager HTTP POST Request cross-site request forgeryVulDBVulDB12/20/202301/14/202402/03/2024CVE-2024-0522255828
accepted
250652HaoKeKeJi YiQiNiu Api.php http_post server-side request forgeryVulDBVulDB01/12/202401/12/202402/02/2024CVE-2024-0510266845
accepted
250619ZhongFuCheng3y Austin Upload Material Menu MaterialController.java getFile unrestricted uploadVulDBVulDB01/12/202401/12/202402/02/2024CVE-2024-0505266580
accepted
250618code-projects Simple Online Hotel Reservation System Make a Reservation Page add_reserve.php cross site scriptingVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0504266381
accepted
250611code-projects Online FIR System registercomplaint.php cross site scriptingVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0503266379
accepted
250610SourceCodester House Rental Management System Edit User manage_user.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0502266238
accepted
250609SourceCodester House Rental Management System Manage Invoice Details cross site scriptingVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0501266237
accepted
250608SourceCodester House Rental Management System Manage Tenant Details cross site scriptingVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0500266236
accepted
250607SourceCodester House Rental Management System index.php cross site scriptingVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0499266235
accepted
250603Project Worlds Lawyer Management System searchLawyer.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0498266151
accepted
250602Campcodes Student Information System sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0497266149
accepted
250601Kashipara Billing Software HTTP POST Request item_list_edit.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0496266148
accepted
250600Kashipara Billing Software HTTP POST Request party_submit.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0495266147
accepted
250599Kashipara Billing Software HTTP POST Request material_bill.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0494266146
accepted
250598Kashipara Billing Software HTTP POST Request submit_delivery_list.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0493266144
accepted
250597Kashipara Billing Software HTTP POST Request buyer_detail_submit.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0492266132
accepted
250596Huaxia ERP UserController.java password recoveryVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0491266073
accepted
250595Huaxia ERP getAllList information disclosureVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0490266071
accepted
250594code-projects Fighting Cock Information System edit_chicken.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0489266030
accepted
250593code-projects Fighting Cock Information System new-feed.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0488266027
accepted
250592code-projects Fighting Cock Information System delete-vaccine.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0487266025
accepted
250591code-projects Fighting Cock Information System add_con.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0486266023
accepted
250590code-projects Fighting Cock Information System add_con.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0485266020
accepted
250589code-projects Fighting Cock Information System update_mother.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0484266019
accepted
250588Taokeyun HTTP POST Request Task.php index sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0483266022
accepted
250587Taokeyun HTTP POST Request Video.php index sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0482266018
accepted
250586Taokeyun HTTP POST Request Goods.php shopGoods sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0481266016
accepted
250585Taokeyun HTTP POST Request Drs.php index sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0480265998
accepted
250584Taokeyun HTTP POST Request User.php login sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0479265989
accepted
250583code-projects Fighting Cock Information System edit_chicken.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0478265960
accepted
250582code-projects Fighting Cock Information System update-deworm.php sql injectionVulDBVulDB01/11/202401/12/202402/02/2024CVE-2024-0477265957
accepted
250581Blood Bank & Donor Management request-received-bydonar.php cross site scriptingVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0476265622
accepted
250580code-projects Dormitory Management System modifyuser.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0475265561
accepted
250579code-projects Dormitory Management System login.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0474265560
accepted
250578code-projects Dormitory Management System comment.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0473265559
accepted
250577code-projects Dormitory Management System modifyuser.php information disclosureVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0472265558
accepted
250576code-projects Human Resource Integrated System dec_service_credits.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0471265554
accepted
250575code-projects Human Resource Integrated System inc_service_credits.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0470265550
accepted
250574code-projects Human Resource Integrated System update_personal_info.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0469265549
accepted
250573code-projects Fighting Cock Information System new-father.php unrestricted uploadVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0468265529
accepted
250572code-projects Employee Profile Management System edit_position_query.php cross site scriptingVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0467265524
accepted
250571code-projects Employee Profile Management System file_table.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0466265523
accepted
250570code-projects Employee Profile Management System download.php path traversalVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0465265522
accepted
250569code-projects Online Faculty Clearance HTTP GET Request delete_faculty.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0464265507
accepted
250568code-projects Online Faculty Clearance HTTP POST Request admin_view_info.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0463265506
accepted
250567code-projects Online Faculty Clearance HTTP POST Request designee_view_status.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0462265505
accepted
250566code-projects Online Faculty Clearance HTTP POST Request deactivate.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0461265495
accepted
250565code-projects Faculty Management System student-print.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0460265485
accepted
250564Blood Bank & Donor Management request-received-bydonar.php sql injectionVulDBVulDB01/10/202401/12/202402/02/2024CVE-2024-0459265481
accepted
250562ECshop view_sendlist.php sql injectionVulDBVulDB01/10/202401/12/202402/15/2024CVE-2024-1530265178
accepted
250445ForU CMS cms_template.php sql injectionVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0426264725
accepted
250444ForU CMS password recoveryVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0425264711
accepted
250443CodeAstro Simple Banking System Create a User Page createuser.php cross site scriptingVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0424264612
accepted
250442CodeAstro Online Food Ordering System dishes.php cross site scriptingVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0423264604
accepted
250441CodeAstro POS and Inventory Management System New Item Creation Page new_item cross site scriptingVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0422264605
accepted
250439Jasper httpdx HTTP POST Request denial of serviceVulDBVulDB01/08/202401/11/202401/30/2024CVE-2024-0419264010
accepted
250438iSharer and upRedSun File Sharing Wizard GET Request denial of serviceVulDBVulDB01/08/202401/11/202401/30/2024CVE-2024-0418264007
accepted
250437DeShang DSShop MemberAuth.php path traversalVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0417264724
accepted
250436DeShang DSMall MemberAuth.php path traversalVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0416264672
accepted
250435DeShang DSMall Image URL TaobaoExport.php access controlVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0415264616
accepted
250434DeShang DSCMS install.php access controlVulDBVulDB01/09/202401/11/202401/30/2024CVE-2024-0414264406
accepted
250433DeShang DSKMS install.php access controlVulDBVulDB01/08/202401/11/202401/30/2024CVE-2024-0413264117
accepted
250432DeShang DSShop HTTP GET Request install.php access controlVulDBVulDB01/08/202401/11/202401/30/2024CVE-2024-0412263994
accepted
250431DeShang DSMall HTTP GET Request install.php access controlVulDBVulDB01/08/202401/11/202401/30/2024CVE-2024-0411263828
accepted
250230SourceCodester Student Attendance System attendance_report.php sql injectionVulDBVulDB01/08/202401/10/202401/28/2024CVE-2024-0389263656
accepted
250131PHPGurukul Hospital Management System query-details.php sql injectionVulDBVulDB01/09/202401/09/202401/26/2024CVE-2024-0364264654
accepted
250130PHPGurukul Hospital Management System patient-search.php sql injectionVulDBVulDB01/09/202401/09/202401/26/2024CVE-2024-0363264653
accepted
250129PHPGurukul Hospital Management System change-password.php sql injectionVulDBVulDB01/09/202401/09/202401/26/2024CVE-2024-0362264650
accepted
250128PHPGurukul Hospital Management System contact.php sql injectionVulDBVulDB01/09/202401/09/202401/26/2024CVE-2024-0361264649
accepted
250127PHPGurukul Hospital Management System edit-doctor-specialization.php sql injectionVulDBVulDB01/09/202401/09/202401/26/2024CVE-2024-0360264646
accepted
250126code-projects Simple Online Hotel Reservation System login.php sql injectionVulDBVulDB01/07/202401/09/202401/26/2024CVE-2024-0359263535
accepted
250125DeShang DSO2O install.php access controlVulDBVulDB01/07/202401/09/202401/26/2024CVE-2024-0358263482
accepted
250124coderd-repos Eva HTTP POST Request page sql injectionVulDBVulDB01/07/202401/09/202401/26/2024CVE-2024-0357263481
accepted
250123Mandelo ssm_shiro_blog Backend updateRoles access controlVulDBVulDB01/07/202401/09/202401/26/2024CVE-2024-0356263479
accepted
250122PHPGurukul Dairy Farm Shop Management System add-category.php sql injectionVulDBVulDB01/07/202401/09/202401/26/2024CVE-2024-0355263475
accepted
250121unknown-o download-station index.php path traversalVulDBVulDB01/07/202401/09/202401/26/2024CVE-2024-0354263452
accepted
250120Likeshop HTTP POST Request File.php userFormImage unrestricted uploadVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0352263253
accepted
250119SourceCodester Engineers Online Portal session fixiationVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0351263256
accepted
250118SourceCodester Engineers Online Portal session expirationVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0350263251
accepted
250117SourceCodester Engineers Online Portal missing secure attributeVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0349263242
accepted
250116SourceCodester Engineers Online Portal File Upload resource consumptionVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0348263235
accepted
250115SourceCodester Engineers Online Portal signup_teacher.php weak passwordVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0347263229
accepted
250114CodeAstro Vehicle Booking System Feedback Page user-give-feedback.php cross site scriptingVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0346263185
accepted
250113CodeAstro Vehicle Booking System User Registration usr-register.php cross site scriptingVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0345263176
accepted
250112soxft TimeMail check.php sql injectionVulDBVulDB01/06/202401/09/202401/26/2024CVE-2024-0344263105
accepted
250111CodeAstro Simple House Rental System Login Panel cross site scriptingVulDBVulDB01/05/202401/09/202401/26/2024CVE-2024-0343262969
accepted
250110Inis Sqlite.php sql injectionVulDBVulDB01/05/202401/09/202401/26/2024CVE-2024-0342262755
accepted
250109Inis GET Request File.php path traversalVulDBVulDB01/05/202401/09/202401/26/2024CVE-2024-0341262724
accepted
249875Inis Proxy.php server-side request forgeryVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0308262677
accepted
249874Kashipara Dynamic Lab Management System login_process.php sql injectionVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0307262680
accepted
249873Kashipara Dynamic Lab Management System admin_login_process.php sql injectionVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0306262671
accepted
249872Guangzhou Yingke Electronic Technology Ncast Guest Login IPSetup.php information disclosureVulDBVulDB01/04/202401/07/202401/25/2024CVE-2024-0305262339
accepted
249871Youke365 collect.php server-side request forgeryVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0304262620
accepted
249870Youke365 Parameter caiji.php server-side request forgeryVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0303262599
accepted
249869fhs-opensource iparking vueLogin deserializationVulDBVulDB01/04/202401/07/202401/25/2024CVE-2024-0302262435
accepted
249868fhs-opensource iparking PayTempOrderAction.java getData sql injectionVulDBVulDB01/04/202401/07/202401/25/2024CVE-2024-0301262433
accepted
249866Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted uploadVulDBVulDB01/01/202401/07/202404/09/2024CVE-2024-0300260962
accepted
249865Totolink N200RE cstecgi.cgi setTracerouteCfg os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0299260961
accepted
249864Totolink N200RE cstecgi.cgi setDiagnosisCfg os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0298260960
accepted
249863Totolink N200RE cstecgi.cgi UploadFirmwareFile os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0297260959
accepted
249862Totolink N200RE cstecgi.cgi NTPSyncWithHost os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0296260958
accepted
249861Totolink LR1200GB cstecgi.cgi setWanCfg os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0295260916
accepted
249860Totolink LR1200GB cstecgi.cgi setUssd os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0294260913
accepted
249859Totolink LR1200GB cstecgi.cgi setUploadSetting os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0293260912
accepted
249858Totolink LR1200GB cstecgi.cgi setOpModeCfg os command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0292260911
accepted
249857Totolink LR1200GB cstecgi.cgi UploadFirmwareFile command injectionVulDBVulDB01/01/202401/07/202401/25/2024CVE-2024-0291260910
accepted
249851Kashipara Food Management System stock_edit.php sql injectionVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0290262693
accepted
249850Kashipara Food Management System stock_entry_submit.php sql injectionVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0289262691
accepted
249849Kashipara Food Management System rawstock_used_damaged_submit.php sql injectionVulDBVulDB01/05/202401/07/202401/25/2024CVE-2024-0288262688
accepted
249848Kashipara Food Management System itemBillPdf.php sql injectionVulDBVulDB01/04/202401/07/202401/25/2024CVE-2024-0287262337
accepted
249843PHPGurukul Hospital Management System Contact Form index.php#contact_us cross site scriptingVulDBVulDB01/03/202401/06/202401/25/2024CVE-2024-0286262017
accepted
249839Kashipara Food Management System party_submit.php cross site scriptingVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0284261905
accepted
249838Kashipara Food Management System party_details.php cross site scriptingVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0283261904
accepted
249837Kashipara Food Management System addmaterialsubmit.php cross site scriptingVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0282261903
accepted
249836Kashipara Food Management System loginCheck.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0281261902
accepted
249835Kashipara Food Management System item_type_submit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0280261901
accepted
249834Kashipara Food Management System item_list_edit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0279261900
accepted
249833Kashipara Food Management System partylist_edit_submit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0278261899
accepted
249832Kashipara Food Management System party_submit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0277261898
accepted
249831Kashipara Food Management System rawstock_used_damaged_smt.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0276261891
accepted
249830Kashipara Food Management System item_edit_submit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0275261890
accepted
249829Kashipara Food Management System billAjax.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0274261888
accepted
249828Kashipara Food Management System addwaste_entry.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0273261889
accepted
249827Kashipara Food Management System addmaterialsubmit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0272261895
accepted
249826Kashipara Food Management System addmaterial_edit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0271261892
accepted
249825Kashipara Food Management System item_list_submit.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0270261887
accepted
249824Kashipara Hospital Management System registration.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0268261884
accepted
249823Kashipara Hospital Management System Parameter login.php sql injectionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0267261883
accepted
249822Project Worlds Online Lawyer Management System User Registration cross site scriptingVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0266261844
accepted
249821SourceCodester Clinic Queuing System GET Parameter index.php file inclusionVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0265261736
accepted
249820SourceCodester Clinic Queuing System LoginRegistration.php authorizationVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0264261684
accepted
249819ACME Ultra Mini HTTPd HTTP GET Request denial of serviceVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0263261640
accepted
249818Online Job Portal Create News Page News.php cross site scriptingVulDBVulDB01/03/202401/06/202401/24/2024CVE-2024-0262261576
accepted
249817Sentex FTPDMIN RNFR Command denial of serviceVulDBVulDB01/02/202401/06/202401/24/2024CVE-2024-0261261565
accepted
249816SourceCodester Engineers Online Portal Password Change change_password_teacher.php session expirationVulDBVulDB01/02/202401/06/202401/24/2024CVE-2024-0260261401
accepted
249778CodeAstro Online Food Ordering System Admin Panel sql injectionVulDBVulDB01/02/202401/05/202401/24/2024CVE-2024-0247261372
accepted
249759IceWarp Utility Download cross site scriptingVulDBVulDB12/26/202301/05/202401/24/2024CVE-2024-0246258573
accepted
249511Magic-Api code injectionVulDBVulDB01/02/202401/02/202401/23/2024CVE-2024-0196261293
accepted
249510spider-flow FunctionController.java FunctionService.saveFunction code injectionVulDBVulDB01/02/202401/02/202401/22/2024CVE-2024-0195261284
accepted
249509CodeAstro Internet Banking System Profile Picture pages_account.php unrestricted uploadVulDBVulDB01/02/202401/02/202401/22/2024CVE-2024-0194261219
accepted
249505RRJ Nueva Ecija Engineer Online Portal Add Downloadable downloadable.php unrestricted uploadVulDBVulDB01/01/202401/02/202401/22/2024CVE-2024-0192261106
accepted
249504RRJ Nueva Ecija Engineer Online Portal file information disclosureVulDBVulDB01/01/202401/02/202401/22/2024CVE-2024-0191261098
accepted
249503RRJ Nueva Ecija Engineer Online Portal Quiz add_quiz.php cross site scriptingVulDBVulDB01/01/202401/02/202401/22/2024CVE-2024-0190261095
accepted
249502RRJ Nueva Ecija Engineer Online Portal Create Message teacher_message.php cross site scriptingVulDBVulDB01/01/202401/02/202401/22/2024CVE-2024-0189261089
accepted
249501RRJ Nueva Ecija Engineer Online Portal change_password_teacher.php weak passwordVulDBVulDB01/01/202401/02/202401/22/2024CVE-2024-0188261088
accepted
249444HuiRan Host Reseller System HTTP POST Request password recoveryVulDBVulDB01/01/202401/01/202401/22/2024CVE-2024-0186260982
accepted
249443RRJ Nueva Ecija Engineer Online Portal Avatar dasboard_teacher.php unrestricted uploadVulDBVulDB01/01/202401/01/202401/22/2024CVE-2024-0185260988
accepted
249442RRJ Nueva Ecija Engineer Online Portal Add Enginer edit_teacher.php cross site scriptingVulDBVulDB01/01/202401/01/202401/22/2024CVE-2024-0184260987
accepted
249441RRJ Nueva Ecija Engineer Online Portal NIA Office students.php cross site scriptingVulDBVulDB01/01/202401/01/202401/22/2024CVE-2024-0183260986
accepted
249440SourceCodester Engineers Online Portal Admin Login sql injectionVulDBVulDB01/01/202401/01/202401/22/2024CVE-2024-0182260979
accepted
249433RRJ Nueva Ecija Engineer Online Portal Admin Panel admin_user.php cross site scriptingVulDBVulDB01/01/202401/01/202401/22/2024CVE-2024-0181260978
accepted

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!