6.9
CVE-2025-15447 - Seeyon Zhiyuan OA Web Application System assetsService.j%73p sql injection
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different vendor. The reseβ¦
6.9
CVE-2025-15446 - Seeyon Zhiyuan OA Web Application System fixedAssetsList.j%73p sql injection
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different vendor. The reseβ¦
6.9
CVE-2026-0579 - code-projects Online Product Reservation System POST Parameter edit.php sql injection
A vulnerability was found in code-projects Online Product Reservation System 1.0. This affects an unknown part of the file /handgunner-administrator/edit.php of the component POST Parameter Handler. The manipulation of the argument prod_id/name/price/model/serial results in sql injection. The attacβ¦
6.9
CVE-2026-0578 - code-projects Online Product Reservation System delete.php sql injection
A vulnerability has been found in code-projects Online Product Reservation System 1.0. Affected by this issue is some unknown functionality of the file /handgunner-administrator/delete.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploitβ¦
5.1
CVE-2025-15443 - CRMEB product_export sql injection
A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/product_export. Such manipulation of the argument cate_id leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. Tβ¦
5.1
CVE-2025-15442 - CRMEB product_list sql injection
A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/product_list. This manipulation of the argument cate_id causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. β¦
5.3
CVE-2026-0577 - code-projects Online Product Reservation System prod.php unrestricted upload
A flaw has been found in code-projects Online Product Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /handgunner-administrator/prod.php. Executing a manipulation can lead to unrestricted upload. It is possible to launch the attack remotely. The exploiβ¦
4.9
CVE-2025-14830 - JFrog Artifactory Cross-Site Scripting
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JFrog Artifactory (Workers) allows Cross-Site Scripting (XSS).This issue affects Artifactory (Workers): from >=7.94.0 through <7.117.10.
6.9
CVE-2026-0576 - code-projects Online Product Reservation System Parameter prod.php sql injection
A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. It β¦
6.9
CVE-2026-0575 - code-projects Online Product Reservation System Administrator Login adminlogin.php sql injection
A security vulnerability has been detected in code-projects Online Product Reservation System 1.0. This impacts an unknown function of the file /handgunner-administrator/adminlogin.php of the component Administrator Login. Such manipulation of the argument emailadd/pass leads to sql injection. The β¦