|
2581
|
- |
|
-
|
-
|
ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding t…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-21624
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2582
|
- |
|
-
|
-
|
ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which resul…
|
CWE-22
CWE-306
Path Traversal
Missing Authentication for Critical Function
|
CVE-2025-21623
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2583
|
- |
|
-
|
-
|
ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any time. During deletion, ClipBucket checks …
|
CWE-22
Path Traversal
|
CVE-2025-21622
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2584
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /process_login.php. The manipulation of the argu…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0298
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2585
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Online Book Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /detail.php. The manipulation of the argument id…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0297
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2586
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kmfoysal06 SimpleCharm allows Reflected XSS.This issue affects SimpleCharm: from n/a through 1.4.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-56056
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2587
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rezgo Rezgo allows PHP Local File Inclusion.This issue affects Rezgo: from n/a…
|
CWE-98
CWE-829
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2024-53800
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2588
|
- |
|
-
|
-
|
An authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary code via uploading a crafted file.
|
-
|
CVE-2024-53345
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2589
|
- |
|
-
|
-
|
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptograp…
|
CWE-223
|
CVE-2024-52813
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2590
|
- |
|
-
|
-
|
Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative actions, such as booking a vehicle or confirming a booking.…
|
-
|
CVE-2024-48245
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
