Null pointer dereference in Kamailio 5.5.0's grammar rule handler (src/core/cfg.y, yyerror_at function) causes denial of service when processing malformed configuration files. Local authenticated attackers can trigger the vulnerability by manipulating config files, resulting in application crash. Publicly available exploit code exists, but exploitation requires local access and config file manipulation, limiting real-world attack surface. EPSS score of 0.03% indicates minimal exploitation probability despite disclosed POC.
Kamailio 5.5.0 suffers a null pointer dereference in the rve_is_constant function (src/core/rvalue.c) triggered by manipulation of local configuration files, resulting in denial of service. The attack requires local access with low privileges and produces only availability impact. Publicly available exploit code exists, but active exploitation has not been confirmed by CISA KEV, and the vulnerability's genuine existence remains disputed by the original reporter. Real-world risk is minimal given the low EPSS score (0.03%), requirement for config file manipulation, and minimal impact surface.
Stored cross-site scripting (XSS) in code-projects Client Details System 1.0 allows authenticated high-privilege users to inject malicious scripts into the /admin/clientview.php endpoint that execute in the context of other users' browsers. The vulnerability requires user interaction (victim must view affected content) and high administrative privileges to exploit, limiting real-world risk despite public exploit disclosure. EPSS score of 0.03% reflects the stringent authentication and interaction requirements that prevent widespread automated exploitation.
Cross-site scripting (XSS) in code-projects Client Details System 1.0 allows high-privileged authenticated users to inject malicious scripts via the /update-clients.php endpoint, requiring user interaction to execute. The vulnerability carries a low CVSS score of 1.9 due to high privilege requirements (PR:H) and mandatory user interaction (UI:P), but publicly available exploit code exists, making it actionable for insider threats or social engineering scenarios targeting administrators.
Use-after-free vulnerability in Kamailio 5.5.0 configuration file parser allows local authenticated attackers to cause denial of service or memory corruption via malformed configuration files. The vulnerability exists in the sr_push_yy_state function within the lexical analyzer (cfg.lex) and has publicly available exploit code, though the vendor has not responded to disclosure and practical exploitability remains uncertain due to the requirement for direct configuration file manipulation.
Heap-based buffer overflow in Kamailio 5.5.0's rve_destroy function allows local authenticated attackers to cause limited data corruption through manipulation of configuration files, with publicly available exploit code but extremely low real-world risk due to local access requirement, authenticated privilege level, and acknowledged uncertainty about vulnerability existence.
Code injection in Zytec Dalian Zhuoyun Technology Central Authentication Service up to version 20251009 allows authenticated remote attackers to inject arbitrary code via manipulation of the get.layer, get.widget, and get.action parameters in the /index.php/auth/widget endpoint. Public exploit code is available, but real-world exploitation risk is low given the low CVSS score (2.1), requirement for prior authentication, and extremely low EPSS score (0.04%), suggesting limited practical exploitability despite proof-of-concept availability.
CSV injection in Axosoft Scrum and Bug Tracking 22.1.1.11545 allows authenticated remote attackers to inject malicious CSV formulas via the Title argument on the Edit Ticket Page, potentially enabling formula execution or data exfiltration when exported. Public exploit code exists and the vendor has not responded to disclosure notifications despite early contact.
Improper authorization in TIME-SEA-PLUS PayController.java alipayIsSucceed function allows authenticated remote attackers to disclose sensitive information related to order status handling. The vulnerability affects versions up to commit fb299162f18498dd9cf17da906886d80a077d53b, with publicly available exploit code disclosed but low real-world exploitation probability (EPSS 0.03%). Attack requires valid user credentials and network access but does not enable privilege escalation or data modification.
Reflected cross-site scripting (XSS) in Suishang Enterprise-Level B2B2C Multi-User Mall System 1.0 allows remote attackers to inject malicious scripts via the keywords parameter in the /i/359 endpoint. The vulnerability requires user interaction (clicking a malicious link) and results in limited integrity impact. Although exploit code has been publicly disclosed and the vendor did not respond to early disclosure, the EPSS score of 0.03% and low CVSS impact (2.1) suggest minimal real-world exploitation probability.
Reflected cross-site scripting (XSS) in Suishang Enterprise-Level B2B2C Multi-User Mall System 1.0 allows remote attackers to inject malicious scripts via the category_id parameter in the /Point/index/activity_state endpoint. The vulnerability requires user interaction (UI:P) to trigger and has low integrity impact, but publicly available exploit code exists. The vendor did not respond to disclosure notifications.
Cross-site scripting (XSS) vulnerability in abhicodebox ModernShop 20250922 allows remote attackers to inject malicious scripts via the 'q' parameter in the /search endpoint, requiring user interaction to execute. The vulnerability has a published exploit and low CVSS score (2.1) due to user interaction requirement, but affects the integrity of victim sessions with EPSS exploitation probability of 0.03% indicating minimal real-world exploitation likelihood.
SQL injection in shawon100 RUET OJ through the ID parameter of /details.php allows authenticated remote attackers to manipulate database queries with low confidentiality, integrity, and availability impact. The vulnerability affects commits up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5, with publicly available exploit code released. Despite moderate CVSS 2.1, the low EPSS score of 0.02% and requirement for prior authentication significantly limit real-world exploitation likelihood.
SQL injection in RUET OJ via the Name parameter in /contestproblem.php allows authenticated remote attackers to execute arbitrary SQL queries with limited impact on confidentiality and integrity. The vulnerability affects the rolling-release codebase up to commit 18fa45b0a669fa1098a0b8fc629cf6856369d9a5, requires valid login credentials to exploit, and carries a very low CVSS score (2.1) despite publicly available exploit code, indicating minimal real-world risk due to authentication barriers and constrained database access.
SQL injection in RUET OJ /description.php endpoint allows authenticated remote attackers to manipulate the ID parameter and inject arbitrary SQL commands, achieving limited confidentiality and integrity compromise. The vulnerability affects the rolling-release version up to commit 18fa45b0a669fa1098a0b8fc629cf6856369d9a5, with publicly available exploit code disclosed. Despite the public disclosure, the extremely low EPSS score (0.02%) and high authentication barrier suggest minimal real-world exploitation risk, though the unresponsive vendor posture leaves the codebase unpatched.
Path traversal vulnerability in OpenWGA 7.11.12 Build 737 TMLScript API WGA.File component allows high-privileged remote attackers to manipulate file paths and access unauthorized resources. The vulnerability has publicly available exploit code and an extremely low EPSS score (0.07%, percentile 22%), suggesting limited real-world exploitation despite network accessibility, likely due to the requirement for high-level authentication that restricts practical attack surface.
Unrestricted file upload vulnerability in Muzuro Ecommerce System and ashymuzuro Full-Ecommerce-Website up to version 1.1.0 allows remote authenticated high-privilege administrators to upload arbitrary files via the Add Product Page (/admin/index.php?add_product), with exploit code publicly disclosed. Despite low CVSS score (2.0) due to high privilege requirement, the vulnerability enables direct code execution risk in admin-controlled uploads and received no vendor response to disclosure.
Stored cross-site scripting (XSS) in OpenWGA 7.11.12 Build 737 Admin UI allows authenticated users with low privileges to inject malicious scripts that execute in the browsers of other users who view the affected interface. Exploitation requires user interaction (clicking a crafted link or visiting a manipulated page), limiting real-world impact despite remote accessibility. Public exploit disclosure exists, but EPSS scoring (0.03%, 7th percentile) and low CVSS severity (2.0) indicate minimal active exploitation likelihood in real deployments.
Stored cross-site scripting (XSS) in Iqbolshoh php-business-website admin/contact.php allows authenticated attackers with user interaction to inject malicious scripts via the twitter parameter, affecting data integrity for other users. The vulnerability affects a rolling-release project up to commit 10677743a8dfc281f85291a27cf63a0bce043c24, has published exploit code available, but carries low real-world risk due to authentication requirement (PR:L), user interaction dependency (UI:P), and limited impact scope (VI:L only). EPSS exploitation probability is 0.03% (7th percentile), indicating minimal practical exploitation likelihood despite public POC availability.