Path traversal in ChanCMS up to version 3.1.2 allows authenticated remote attackers to read or modify arbitrary files via the delfile function in app/extend/utils.js, with publicly available exploit code disclosed. CVSS score of 2.1 reflects low impact (integrity and availability limited to low confidentiality) and requirement for authenticated access, though the vulnerability affects a core file deletion utility. Vendor-released patch available in version 3.1.3.
SQL injection in PHPGurukul BP Monitoring Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the fromdate/todate parameters in /bwdates-report-result.php. The vulnerability requires user authentication (PR:L) but carries low confidentiality, integrity, and availability impact (VC:L/VI:L/VA:L). Publicly available exploit code exists, though real-world exploitation remains limited by authentication requirements and modest technical impact.
Server-side request forgery in ChanCMS up to version 3.1.2 allows authenticated remote attackers to manipulate the targetUrl argument in the getArticle function (app/modules/api/service/gather.js), enabling them to make arbitrary HTTP requests from the affected server. Publicly available exploit code exists, but the CVSS score of 2.1 reflects limited confidentiality, integrity, and availability impact despite network accessibility; exploitation is restricted to authenticated users with low privileges.
SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the params[dataScope] parameter in the /system/role/list endpoint. The vulnerability has a critically low CVSS score of 2.1 due to limited scope and integrity impact, but exploitation is confirmed possible with publicly available proof-of-concept code. Real-world risk is minimal given the requirement for prior authentication and constrained data access impact.
SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the params[dataScope] parameter in the /system/dept/list endpoint. Despite a critical classification in the initial report, the CVSS 4.0 vector assigns a 2.1 score reflecting low impact across confidentiality, integrity, and availability. Publicly available exploit code exists; however, EPSS scoring at 0.07% (22nd percentile) suggests minimal real-world exploitation likelihood compared to the authorization requirement and limited information disclosure scope.
SQL injection in Deer WMS 2 versions up to 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the params[dataScope] parameter in the /system/role/export endpoint, leading to limited information disclosure. The vulnerability carries a CVSS score of 2.1 despite being classified critical in the original report, reflecting the CVSS v4.0 assessment of low confidentiality, integrity, and availability impact combined with required authentication. Publicly available exploit code exists, but real-world exploitation risk remains minimal due to the low EPSS score (0.07%, 22nd percentile) and authentication requirement.
SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to manipulate the dataScope parameter in the /system/user/list endpoint, leading to arbitrary SQL query execution with limited information disclosure impact. The CVSS v4.0 score of 2.1 reflects low severity due to required authentication and constrained impact (confidentiality, integrity, and availability all rated low), though publicly available exploit code exists and the vulnerability has been disclosed.
SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the dataScope parameter in the /system/user/export endpoint, potentially compromising data confidentiality. The vulnerability has a low CVSS score (2.1) due to authentication requirements and limited scope, but publicly available exploit code exists and the attack surface is network-accessible.
SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to manipulate the dataScope parameter in the /system/role/authUser/allocatedList endpoint, leading to limited information disclosure. The vulnerability requires valid user credentials and carries a low CVSS base score of 2.1 despite critical severity rating, with publicly available exploit code disclosed via Gitee issue tracker. EPSS exploitation probability is extremely low at 0.07%, indicating this is unlikely to be a widespread attack vector despite public POC availability.
SQL injection in Deer WMS 2 up to version 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the params[dataScope] argument in the /system/role/authUser/unallocatedList endpoint. The vulnerability requires valid user credentials but has low overall impact (CVSS 2.1) and affects only data confidentiality and integrity with no system availability impact. Publicly available exploit code exists, though EPSS score (0.07%, 22nd percentile) indicates exploitation remains uncommon in practice despite public disclosure.
SQL injection in code-projects Public Chat Room 1.0 via the ID parameter in send_message.php allows authenticated remote attackers to execute arbitrary SQL queries, despite a low CVSS 4.0 score of 2.1. The vulnerability requires prior authentication (PR:L) and offers only limited confidentiality impact (VC:L/VI:L/VA:L), but publicly available exploit code exists and the attack vector is network-accessible with low complexity, making it suitable for low-friction post-compromise lateral movement or information disclosure within authenticated environments.
SQL injection in code-projects Food Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the occasion parameter in /admin/approve_reservation.php, resulting in limited data confidentiality and integrity impact. Despite a critical classification in the source database, the CVSS 4.0 score of 2.1 reflects the requirement for authenticated access (PR:L) and limited technical impact scope. Publicly available exploit code exists and the vulnerability has been publicly disclosed.
SQL injection in itsourcecode Insurance Management System 1.0 allows authenticated remote attackers to manipulate the agent_id parameter in /updateAgent.php, enabling unauthorized database queries with limited confidentiality and integrity impact. Despite critical classification in metadata, the CVSS 4.0 vector shows low severity (2.1 score) due to requirement for prior authentication and restricted scope. Public exploit code is available, though EPSS score of 0.06% (20th percentile) suggests minimal real-world exploitation likelihood.
SQL injection in PHPGurukul User Registration & Login and User Management System 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /admin/lastthirtyays-reg-users.php. Exploitation requires valid user credentials but no user interaction. Publicly available exploit code exists, though CVSS 2.1 and EPSS 0.06% suggest low real-world exploitation risk despite the critical classification.
SQL injection in PHPGurukul User Registration & Login and User Management System 3.3 allows authenticated remote attackers to manipulate the ID parameter in /admin/lastsevendays-reg-users.php, leading to database query compromise with limited confidentiality and integrity impact. Public exploit code exists, though EPSS scoring (0.06%, 19th percentile) indicates exploitation remains unlikely in practice despite the low attack complexity and low privilege requirement.
SQL injection in PHPGurukul Login and User Management System 3.3 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in /admin/yesterday-reg-users.php. The vulnerability has a publicly available exploit but poses limited real-world risk due to authentication requirements and low CVSS impact scores (2.1/10). Exploitation is marked probable (E:P in CVSS4.0) but the EPSS score of 0.06% suggests minimal actual exploitation despite public disclosure.
Open redirect vulnerability in KoaJS Koa up to version 3.0.0 allows authenticated remote attackers to manipulate the Referrer HTTP header via the back() function in lib/response.js, enabling redirect to arbitrary external URLs with user interaction. The vulnerability has publicly available exploit code and affects the HTTP Header Handler component; EPSS exploitation probability is very low at 0.08% despite public POC availability, suggesting this is primarily a client-side social engineering vector rather than a widely exploitable server-side flaw.
Cross-site scripting (XSS) in Church Donation System 1.0 allows authenticated remote attackers to inject arbitrary JavaScript via the fname parameter in /admin/edit_members.php, requiring user interaction to execute. The vulnerability has a publicly disclosed exploit and EPSS score of 0.05% (16th percentile), indicating low real-world exploitation probability despite public availability of proof-of-concept code.
Unrestricted file upload vulnerability in zhousg letao allows authenticated remote attackers to upload arbitrary files via manipulation of the pictrdtz argument in routes/bf/product.js, leading to potential code execution or system compromise. The vulnerability affects rolling-release versions up to commit 7d8df0386a65228476290949e0413de48f7fbe98, with publicly available exploit code disclosed but limited real-world exploitation risk due to CVSS 2.1 score and low EPSS (0.07%, 20th percentile), suggesting this is primarily a design flaw rather than an actively weaponized threat.
SQL injection in itsourcecode Employee Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the Username parameter in /admin/index.php, resulting in limited confidentiality and integrity impact. Despite a critical classification in the initial report, the CVSS 4.0 vector assigns a severity of 2.1 with low scope impact and requires authenticated access (PR:L), significantly reducing real-world risk. Public exploit code is available, but the extremely low EPSS score (0.06%, 19th percentile) suggests minimal practical exploitation despite disclosure.
Unrestricted file upload in code-projects Document Management System 1.0 via the /insert.php endpoint allows authenticated remote attackers to upload arbitrary files by manipulating the uploaded_file parameter, potentially enabling remote code execution or data exfiltration. Publicly available exploit code exists, though EPSS score of 0.06% suggests limited real-world exploitation likelihood due to low attack impact and authenticated access requirement.
Cross-site scripting (XSS) vulnerability in D-Link DCS-6010L firmware 1.15.03 allows authenticated remote attackers to inject malicious scripts via the paratest argument in the Management Application's /vb.htm endpoint. The vulnerability requires user interaction (UI:P) and affects an end-of-life product with publicly available exploit code, though real-world risk is significantly limited by authentication requirement (PR:L) and very low EPSS score (0.05%).