Server-side request forgery (SSRF) in thinkgem JeeSite up to version 5.12.0 allows authenticated remote attackers to manipulate the Source argument in the UEditor Image Grabber component (ActionEnter.java), enabling arbitrary HTTP requests from the vulnerable server with low confidentiality, integrity, and availability impact. Publicly available exploit code exists, and a patch has been released by the vendor.
Open redirect vulnerability in JeeSite up to version 5.12.0 allows unauthenticated remote attackers to redirect users to arbitrary external websites via a crafted redirect parameter in the Site Controller select function. The vulnerability requires user interaction (clicking a malicious link) but carries low integrity impact through browser-based redirection. Publicly available exploit code exists, and a patch is available from the vendor; however, the EPSS score of 0.11% indicates low real-world exploitation probability despite public disclosure.
Unrestricted file upload in code-projects Online Ordering System 1.0 allows authenticated remote attackers to upload arbitrary files via the image parameter in /admin/edit_product.php, enabling remote code execution. The vulnerability affects the admin product editing functionality and has publicly available exploit code; however, the low CVSS score (2.1) and minimal EPSS percentile (26%) indicate limited real-world exploitation despite authenticated access requirements.
Cross-site request forgery (CSRF) vulnerability in code-projects E-Commerce Site version 1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users via a crafted request. The vulnerability requires user interaction (e.g., clicking a malicious link) and affects the integrity of user sessions. Publicly available exploit code exists, though the EPSS score of 0.06% indicates low real-world exploitation probability relative to the attack surface.
SQL injection in Patient Record Management System 1.0 via the itr_no parameter in /xray_form.php allows authenticated remote attackers to execute arbitrary SQL queries with low confidentiality, integrity, and availability impact. The vulnerability requires valid user credentials (PR:L) but can be exploited remotely over the network. Public exploit code is available, though real-world exploitation risk remains low given the EPSS score of 0.04% and limited scope of impact (local scope only, no confidentiality/integrity/availability impact to the system itself).
Stored cross-site scripting (XSS) in Scada-LTS up to version 2.7.8.1 allows authenticated remote attackers to inject malicious scripts via the Username parameter in the usersProfiles.shtm file, with user interaction required to trigger payload execution. The vulnerability has a very low CVSS score (2.0) due to authentication and user interaction requirements, but public exploit code is available and vendor has confirmed remediation in version 2.8.0.
Stored cross-site scripting (XSS) in Scada-LTS up to 2.7.8.1 allows authenticated users to inject malicious scripts via the Username parameter in the users.shtm file, enabling session hijacking or credential theft when administrators view affected user profiles. The vulnerability requires user interaction (clicking a malicious link) and authenticated access, resulting in low integrity impact. Public exploit code exists, though active exploitation has not been confirmed beyond disclosure. The vendor confirmed remediation in version 2.8.0.
Reflected cross-site scripting (XSS) in ZCMS 3.6.0 Create Article Page allows authenticated attackers to inject malicious scripts via the Title parameter. The vulnerability requires user interaction (clicking a malicious link) and results in limited impact to integrity, with EPSS score of 0.05% (14th percentile) indicating minimal real-world exploitation probability despite public disclosure.