Export limit exceeded: 363719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363719 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35352 | 1 Dino Physics School Assistant Project | 1 Dino Physics School Assistant | 2025-04-11 | 6.1 Medium |
| A vulnerability has been discovered in Diño Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/Users.php?f=save. Manipulating the parameter middlename results in cross-site scripting. | ||||
| CVE-2024-35353 | 1 Dino Physics School Assistant Project | 1 Dino Physics School Assistant | 2025-04-11 | 9.8 Critical |
| A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Users.php?f=save. Manipulating the argument id can result in improper authorization. | ||||
| CVE-2024-35468 | 2 Oretnom23, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2025-04-11 | 5.4 Medium |
| A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2024-35469 | 2 Oretnom23, Sourcecodester | 2 Human Resource Management System, Human Resource Management System | 2025-04-11 | 9.8 Critical |
| A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2024-36568 | 2 Mayurik, Sourcecodester | 2 Gas Agency Management System, Gas Agency Management System | 2025-04-11 | 9.8 Critical |
| Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=. | ||||
| CVE-2024-36569 | 2 Mayurik, Sourcecodester | 2 Gas Agency Management System, Gas Agency Management System | 2025-04-11 | 8.1 High |
| Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php. | ||||
| CVE-2024-31586 | 2 Oretnom23, Sourcecodester | 2 Computer Laboratory Management System, Computer Laboratory Management System | 2025-04-11 | 6.1 Medium |
| A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters. | ||||
| CVE-2022-48195 | 1 Mellium | 1 Sasl | 2025-04-11 | 9.8 Critical |
| An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best case, but (if paired with a remote end that does not validate the length of the nonce) could lead to insufficient randomness being used during authentication. | ||||
| CVE-2022-47128 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47127 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47126 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlEn parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47125 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47124 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47123 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47122 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd_5g parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47121 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47120 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47119 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47117 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. | ||||
| CVE-2022-47115 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | 9.8 Critical |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet. | ||||