Skip to main content

Alerts

21 Feb 2025

NA - CVE-2025-25877 - A vulnerability was found in ITSourcecode...

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /admin.php. The attack can use SQL injection to obtain sensitive data.
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25878 - A vulnerability was found in ITSourcecode...

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data.
security-database.com
Read more
21 Feb 2025

NA - CVE-2020-19248 - SQL Injection vulnerability in PbootCMS 1.4.1...

SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching for page contamination...
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25604 - Totolink X5000R V9.1.0u.6369_B20230113 is...

Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua.
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25605 - Totolink X5000R V9.1.0u.6369_B20230113 is...

Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua.
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25767 - A vertical privilege escalation vulnerability...

A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request.
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25768 - MRCMS v3.1.2 was discovered to contain a...

MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attackers to execute...
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25769 - Wangmarket v4.10 to v5.0 was discovered to...

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java.
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25770 - Wangmarket v4.10 to v5.0 was discovered to...

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java.
security-database.com
Read more
21 Feb 2025

NA - CVE-2025-25772 - A Cross-Site Request Forgery (CSRF) in the...

A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request.
security-database.com
Read more
Language