Search

Search Results (364251 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-26234 1 Faststone 1 Image Viewer 2024-11-21 7.8 High
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVE-2021-26233 1 Faststone 1 Image Viewer 2024-11-21 7.8 High
FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVE-2021-26232 1 Simple College Website Project 1 Simple College Website 2024-11-21 9.8 Critical
SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php.
CVE-2021-26231 1 Fantastic Blog Cms Project 1 Fantastic Blog Cms 2024-11-21 9.8 Critical
SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php.
CVE-2021-26230 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php.
CVE-2021-26229 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 9.8 Critical
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.
CVE-2021-26228 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 9.8 Critical
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.
CVE-2021-26227 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.
CVE-2021-26226 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 9.8 Critical
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php.
CVE-2021-26224 1 Fantastic Blog Project 1 Fantastic Blog 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php.
CVE-2021-26223 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 9.8 Critical
SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php.
CVE-2021-26222 1 Ezxml Project 1 Ezxml 2024-11-21 8.1 High
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVE-2021-26221 1 Ezxml Project 1 Ezxml 2024-11-21 8.1 High
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVE-2021-26220 1 Ezxml Project 1 Ezxml 2024-11-21 8.1 High
The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVE-2021-26216 1 Seeddms 1 Seeddms 2024-11-21 4.3 Medium
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
CVE-2021-26215 1 Seeddms 1 Seeddms 2024-11-21 4.3 Medium
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
CVE-2021-26201 1 Casap Automated Enrollment System Project 1 Casap Automated Enrollment System 2024-11-21 9.8 Critical
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.
CVE-2021-26200 1 Library System Project 1 Library System 2024-11-21 9.8 Critical
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.
CVE-2021-26199 1 Jerryscript 1 Jerryscript 2024-11-21 6.5 Medium
An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file.
CVE-2021-26198 1 Jerryscript 1 Jerryscript 2024-11-21 6.5 Medium
An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file.