16 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file registerH.php. The manipulation of the argument ima leads to unrestricted upload. The attack may be initiated remotely. • https://github.com/CveSecLook/cve/issues/27 https://vuldb.com/?ctiid.264455 https://vuldb.com/?id.264455 https://vuldb.com/?submit.333477 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file /uupdate.php. The manipulation of the argument ima leads to unrestricted upload. It is possible to launch the attack remotely. • https://github.com/wkeyi0x1/vul-report/issues/2 https://vuldb.com/?ctiid.257388 https://vuldb.com/?id.257388 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\view_post.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md#5sql-injection-vulnerability-in-adminpostsview_postphp https://vuldb.com/?ctiid.231021 https://vuldb.com/?id.231021 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file user\manage_user.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. • https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md https://vuldb.com/?ctiid.231020 https://vuldb.com/?id.231020 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file posts\manage_post.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. • https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/Online%20Discussion%20Forum%20Site%20-%20multiple%20vulnerabilities.md https://vuldb.com/?ctiid.231019 https://vuldb.com/?id.231019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •