5.3

CVSS4.0

CVE-2025-0406 - liujianview gymxmjpa SubjectController.java SubjectDaoImpl sql injection

A vulnerability was found in liujianview gymxmjpa 1.0. It has been classified as critical. Affected is the function SubjectDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/SubjectController.java. The manipulation of the argument subname leads to sql injection. It is possible to lau…

📅 Published: Jan. 13, 2025, 1 a.m. 🔄 Last Modified: May 5, 2025, 3:20 p.m.

5.3

CVSS4.0

CVE-2025-0405 - liujianview gymxmjpa GoodsController.java GoodsDaoImpl sql injection

A vulnerability was found in liujianview gymxmjpa 1.0 and classified as critical. This issue affects the function GoodsDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/GoodsController.java. The manipulation of the argument goodsName leads to sql injection. The attack may be initiat…

📅 Published: Jan. 13, 2025, 12:31 a.m. 🔄 Last Modified: May 5, 2025, 3:20 p.m.

5.3

CVSS4.0

CVE-2025-0404 - liujianview gymxmjpa CoachController.java CoachController sql injection

A vulnerability has been found in liujianview gymxmjpa 1.0 and classified as critical. This vulnerability affects the function CoachController of the file src/main/java/com/liujian/gymxmjpa/controller/CoachController.java. The manipulation of the argument coachName leads to sql injection. The attac…

📅 Published: Jan. 13, 2025, 12:31 a.m. 🔄 Last Modified: June 23, 2025, 9:16 a.m.

6.9

CVSS4.0

CVE-2025-0403 - 1902756969 reggie Phone Number Validation sendMsg information disclosure

A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0. Affected by this issue is some unknown functionality of the file /user/sendMsg of the component Phone Number Validation Handler. The manipulation of the argument code leads to information disclosure. The …

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: Oct. 21, 2025, 11:42 a.m.

3.8

CVSS3.1

CVE-2023-42235 -

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple parameters of /monitor/s_normalizedtrans.php.

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: April 17, 2025, 4:35 p.m.

7.5

CVSS3.1

CVE-2025-22963 -

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: Oct. 7, 2025, 4:53 p.m.

6.5

CVSS3.1

CVE-2024-46920 -

An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers.

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: June 20, 2025, 4:01 p.m.

8.8

CVSS3.1

CVE-2023-42228 -

Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: April 17, 2025, 5:43 p.m.

3.8

CVSS3.1

CVE-2023-42236 -

An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in a GET parameter of /common/ajaxfunction.php.

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: April 17, 2025, 4:35 p.m.

6.1

CVSS3.1

CVE-2023-42250 -

Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /common/autocomplete.php.

📅 Published: Jan. 13, 2025, midnight 🔄 Last Modified: April 17, 2025, 4:34 p.m.