🚨 CVE-2024-7221
A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manage_user.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
🎖@cveNotify
A vulnerability was determined in SourceCodester/Campcodes School Log Management System 1.0. This affects an unknown part of the file /admin/manage_user.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
🎖@cveNotify
Gist
sourcecodester_School Log Management System_SQL_INJECTION_3.md
GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-45031
When editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application.
XSS payloads could also be injected in Syncope Enduser when editing “Personal Information” or “User Requests”: such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking.
Users are recommended to upgrade to version 3.0.9, which fixes this issue.
🎖@cveNotify
When editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application.
XSS payloads could also be injected in Syncope Enduser when editing “Personal Information” or “User Requests”: such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking.
Users are recommended to upgrade to version 3.0.9, which fixes this issue.
🎖@cveNotify
🚨 CVE-2024-37358
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations
Version 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals.
🎖@cveNotify
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations
Version 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals.
🎖@cveNotify
🚨 CVE-2025-27696
Incorrect Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions.
This issue affects Apache Superset: through 4.1.1.
Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue.
🎖@cveNotify
Incorrect Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions.
This issue affects Apache Superset: through 4.1.1.
Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue.
🎖@cveNotify
🚨 CVE-2025-9772
A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file /staff/edit.php. Performing manipulation of the argument image results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
🎖@cveNotify
A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file /staff/edit.php. Performing manipulation of the argument image results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
🎖@cveNotify
GitHub
# Projectworlds Remote Clinic System Project V2.0 /staff/edit.php?id=10 File unrestricted upload · Issue #18 · lan041221/cvec
Projectworlds Remote Clinic System Project V2.0 /staff/edit.php?id=10 File unrestricted upload NAME OF AFFECTED PRODUCT(S) -Remote Clinic System Vendor Homepage github.com AFFECTED AND/OR FIXED VER...
🚨 CVE-2025-9773
A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing manipulation of the argument Last Name can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used.
🎖@cveNotify
A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing manipulation of the argument Last Name can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used.
🎖@cveNotify
GitHub
Projectworlds Remote Clinic System Project V2.0 /staff/edit.php?id=15 cross site scripting · Issue #2 · 03hice-collab/CVE
Last Name OF AFFECTED PRODUCT(S) Remote Clinic System Vendor Homepage github.com AFFECTED AND/OR FIXED VERSION(S) submitter 03hice Vulnerable File /staff/edit.php?id=15 VERSION(S) V2.0 Software Lin...
🚨 CVE-2025-9774
A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php. The manipulation of the argument Email leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability has been found in RemoteClinic up to 2.0. This issue affects some unknown processing of the file /patients/edit-patient.php. The manipulation of the argument Email leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
#Projectworlds Remote Clinic System Project V2.0 /patients/edit-patient.php?id=159 cross site scripting · Issue #1 · diy777/cve
Projectworlds Remote Clinic System Project V2.0 /patients/edit-patient.php?id=159 cross site scripting Email OF AFFECTED PRODUCT(S) Remote Clinic System Vendor Homepage github.com AFFECTED AND/OR F...
🚨 CVE-2025-9775
A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The manipulation of the argument image results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used.
🎖@cveNotify
A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file /staff/edit-my-profile.php. The manipulation of the argument image results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used.
🎖@cveNotify
GitHub
Projectworlds Remote Clinic System Project V2.0 /staff/edit-my-profile.php File unrestricted upload · Issue #2 · diy777/cve
Projectworlds Remote Clinic System Project V2.0 /staff/edit-my-profile.php File unrestricted upload NAME OF AFFECTED PRODUCT(S) -Remote Clinic System Vendor Homepage github.com AFFECTED AND/OR FIXE...
🚨 CVE-2025-9790
A security flaw has been discovered in SourceCodester Hotel Reservation System 1.0. This affects an unknown part of the file /admin/updateabout.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
🎖@cveNotify
A security flaw has been discovered in SourceCodester Hotel Reservation System 1.0. This affects an unknown part of the file /admin/updateabout.php. The manipulation of the argument address results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
🎖@cveNotify
GitHub
cve/Online Hotel Reservation System In PHP With Source Code - SQL Injection in updateabout.php.md at main · YoSheep/cve
My CVE. Contribute to YoSheep/cve development by creating an account on GitHub.
🚨 CVE-2025-9791
A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
🎖@cveNotify
A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
🎖@cveNotify
GitHub
Tenda/Tenda_AC20_V16.03.08.05.md at main · Cpppq43/Tenda
Contribute to Cpppq43/Tenda development by creating an account on GitHub.
🚨 CVE-2025-9809
Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer.
🎖@cveNotify
Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer.
🎖@cveNotify
GitHub
libretro-common/formats/cdfs/cdfs.c at master · libretro/libretro-common
Reusable coding blocks useful for libretro core and frontend development, written primarily in C. Permissively licensed. - libretro/libretro-common
🚨 CVE-2025-9810
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.
🎖@cveNotify
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.
🎖@cveNotify
GitHub
linenoise/linenoise.c at master · antirez/linenoise
A small self-contained alternative to readline and libedit - antirez/linenoise
❤1
🚨 CVE-2025-55621
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social platform on which users expect to find one another.
🎖@cveNotify
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL. NOTE: this is disputed by the Supplier because it is intentional behavior; the photos are part of a social platform on which users expect to find one another.
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink - Download a profile due to IDOR | Notion
📌 1. Reporting information
🚨 CVE-2025-55622
Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. NOTE: this is disputed by the Supplier because it is intentional behavior to ensure a predictable user experience.
🎖@cveNotify
Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings. NOTE: this is disputed by the Supplier because it is intentional behavior to ensure a predictable user experience.
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink Task Hijacking | Notion
📌 1. Reporting information
🚨 CVE-2024-28988
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing this report. The ZDI team was able to discover an unauthenticated attack during their research.
We recommend all Web Help Desk customers apply the patch, which is now available.
We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities.
🎖@cveNotify
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing this report. The ZDI team was able to discover an unauthenticated attack during their research.
We recommend all Web Help Desk customers apply the patch, which is now available.
We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities.
🎖@cveNotify
🚨 CVE-2025-9796
A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 5.13.0 mitigates this issue. The patch is identified as 63773c97a56bdb3649510e83b66c16db4754965b. Upgrading the affected component is recommended.
🎖@cveNotify
A vulnerability was found in thinkgem JeeSite up to 5.12.1. This affects the function decodeUrl2 of the file common/src/main/java/com/jeesite/common/codec/EncodeUtils.java. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. Upgrading to version 5.13.0 mitigates this issue. The patch is identified as 63773c97a56bdb3649510e83b66c16db4754965b. Upgrading the affected component is recommended.
🎖@cveNotify
GitHub
完善xss过滤表达式,避免出现data: · thinkgem/jeesite5@63773c9
👍Java 快速开发平台,不仅仅是开发框架,它是一个轻量级、企业级低代码解决方案,支持国产化💖国密💖AI助手💖基于 Spring Boot 在线代码生成。包括:组织角色用户、菜单按钮授权、数据权限、内容管理、工作流等。快速增减模块;微内核;安全选项丰富,密码策略;在线预览文件;消息推送;第三方登录;在线任务调度;支持集群、多租户、多数据源、读写分离、微服务。😘动态看temp分支 - 完善xss过滤表达式,避免出现data: · thinkgem/jeesite5@63773c9
🚨 CVE-2025-9797
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
🎖@cveNotify
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
🎖@cveNotify
GitHub
Frame Injection · Issue #288 · mrvautin/expressCart
Summary User-controlled img src allows loading untrusted frames, enabling internal service probe & info gathering, content manipulation within trusted contexts. POC
🚨 CVE-2025-9799
A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited.
🎖@cveNotify
A security flaw has been discovered in Langfuse up to 3.88.0. Affected by this vulnerability is the function promptChangeEventSourcing of the file web/src/features/prompts/server/routers/promptRouter.ts of the component Webhook Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited.
🎖@cveNotify
GitHub
SSRF vulnerability · Issue #8522 · langfuse/langfuse
Describe the bug Summary A SSRF vulnerability was discovered on the endpoint /api/trpc/prompts.create (tested on v3.88.0). The target URI parameter for network requests is user-controllable and lac...
🔥1
🚨 CVE-2025-9800
A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. This patch is called 45372aece5e05e04b417442417416a52e90ba174. A patch should be applied to remediate this issue.
🎖@cveNotify
A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. This patch is called 45372aece5e05e04b417442417416a52e90ba174. A patch should be applied to remediate this issue.
🎖@cveNotify
GitHub
fix(files): fix vulnerabilities in file uploads/deletes (#1130) · simstudioai/sim@45372ae
* fix(vulnerability): fix arbitrary file deletion vuln
* fix(uploads): fix vuln during upload
* cleanup
* fix(uploads): fix vuln during upload
* cleanup
🚨 CVE-2025-9801
A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The identifier of the patch is 45372aece5e05e04b417442417416a52e90ba174. To fix this issue, it is recommended to deploy a patch.
🎖@cveNotify
A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The identifier of the patch is 45372aece5e05e04b417442417416a52e90ba174. To fix this issue, it is recommended to deploy a patch.
🎖@cveNotify
GitHub
fix(files): fix vulnerabilities in file uploads/deletes (#1130) · simstudioai/sim@45372ae
* fix(vulnerability): fix arbitrary file deletion vuln
* fix(uploads): fix vuln during upload
* cleanup
* fix(uploads): fix vuln during upload
* cleanup
🚨 CVE-2025-9802
A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely.
🎖@cveNotify
A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely.
🎖@cveNotify
GitHub
SQL Injection in /staff/profile.php via id parameter · Issue #3 · 03hice-collab/CVE
Last Name OF AFFECTED PRODUCT(S) Remote Clinic System Vendor Homepage github.com AFFECTED AND/OR FIXED VERSION(S) submitter 03hice Vulnerable File /staff/profile.php?id=28 VERSION(S) V2.0 Software ...
🔥1