OAuth2 Proxy versions 7.11.0 through 7.15.1 fail to clear the session cookie when rendering the sign-in page due to a regression, allowing authenticated users to remain logged in even after attempting to log out via the sign-in page. On shared workstations, a subsequent user could hijack the previous user's authenticated session without additional credentials. This affects only deployments using the sign-in page as part of logout flow; organizations with dedicated logout endpoints are unaffected. The vulnerability carries a low CVSS score of 3.5 (physical attack vector required) but poses meaningful risk in shared-access environments.
MaxKB versions 2.7.1 and below allow authenticated users to spoof tool execution results by exploiting Python frame introspection to extract the wrapper's UUID from bytecode, then writing forged output directly to file descriptor 1 to bypass stdout redirection and terminate the wrapper process before legitimate output is generated, causing the service to trust the attacker-controlled response. This integrity bypass requires prior authentication and local/network access but enables attackers to manipulate AI tool results without detection. The vulnerability has been patched in version 2.8.0.
Input validation bypass in jq command-line JSON processor allows attackers to craft JSON with embedded NUL bytes that jq incorrectly truncates, validating only a benign prefix while silently discarding malicious trailing data. Versions before commit 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b are affected; the vulnerability enables parser differential attacks where jq validates hostile input as safe JSON, but downstream consumers process the complete input including injected payloads. With low CVSS (2.9) and attack timing complexity, exploitation risk remains moderate in scenarios where jq serves as a validation gate for untrusted JSON forwarded to other processors.
SourceCodester Patient Appointment Scheduler System v1.0 suffers from SQL injection in the SystemSettings.php update_settings function, allowing authenticated high-privilege administrators to execute arbitrary SQL queries. While tagged as RCE, the CVSS vector (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) and SSVC framework indicate limited confidentiality impact with no confirmed integrity or availability consequences; this is primarily a SQL injection vulnerability requiring administrative credentials with no public exploit code identified at time of analysis.
SQL injection in Sourcecodester Storage Unit Rental Management System v1.0 allows high-privilege authenticated administrators to execute arbitrary SQL queries via the /storage/admin/maintenance/manage_pricing.php endpoint, resulting in partial confidentiality impact. The CVSS score of 2.7 reflects the requirement for high administrative privileges and absence of integrity or availability impact, placing this as a low-risk vulnerability despite the SQL injection classification. No public exploit code or active exploitation has been identified.
Insufficiently protected credentials in Fortinet FortiSandbox 5.0.0-5.0.5, 4.4.x, and FortiSandbox PaaS 5.0.1-5.0.5 allow authenticated administrators to read LDAP server credentials via client-side inspection. This low-severity information disclosure requires high-privilege authentication and network access, exposing only credential confidentiality without enabling modification or denial of service.
SQL Injection in SourceCodester Online Employees Work From Home Attendance System v1.0 allows high-privileged authenticated attackers to execute arbitrary SQL queries via the /wfh_attendance/admin/view_att.php endpoint, potentially disclosing sensitive employee attendance data. The vulnerability requires administrative credentials and carries low real-world risk despite SQL injection's severity class, as evidenced by CVSS 2.7 and SSVC designation of no exploitation likelihood with partial technical impact. No public exploit code or active exploitation has been identified.
SQL Injection in SourceCodester Storage Unit Rental Management System v1.0 allows authenticated administrative users to execute arbitrary SQL queries via the /storage/admin/maintenance/manage_storage_unit.php endpoint. The vulnerability requires high-privilege access (PR:H) and returns only limited information (confidentiality impact only), resulting in a low CVSS score of 2.7. No public exploit code or active exploitation has been confirmed at the time of analysis.
SQL injection in SourceCodester Online Employees Work From Home Attendance System v1.0 allows high-privilege authenticated attackers to extract sensitive database information via the /wfh_attendance/admin/manage_department.php endpoint. The CVSS 2.7 score reflects low real-world risk due to the requirement for high-privilege administrative credentials and confidentiality-only impact; no public exploit code has been identified, and the vulnerability is not confirmed as actively exploited.
SQL injection in SourceCodester Storage Unit Rental Management System v1.0 allows high-privileged authenticated attackers to read sensitive database contents via crafted input in /storage/admin/rents/manage_rent.php. The vulnerability requires administrator-level access and produces only limited information disclosure with no impact on data integrity or availability. EPSS and SSVC assessments indicate minimal real-world exploitation risk due to authentication barrier and non-automatable attack requirements.
SQL injection in Sourcecodester Storage Unit Rental Management System v1.0 allows high-privileged remote attackers to read sensitive data through the /storage/admin/tenants/view_details.php endpoint. With a CVSS score of 2.7 and requirement for high administrative privileges (PR:H), this vulnerability has minimal real-world impact despite the SQL injection class; however, it represents a privilege-abuse risk within already-compromised administrative contexts. No public exploit code or active exploitation has been confirmed.
SQL Injection in SourceCodester Online Employees Work From Home Attendance System v1.0 allows high-privilege remote attackers to read sensitive database contents via crafted input to the /wfh_attendance/admin/view_employee.php endpoint. CVSS 2.7 reflects high authentication barriers (PR:H requires admin access), no automatable exploitation per SSVC, and confidentiality impact only. No public exploit code or active exploitation confirmed at time of analysis.
SQL Injection in SourceCodester Online Employees Work From Home Attendance System v1.0 allows high-privilege authenticated attackers to read sensitive database contents via crafted input to the /wfh_attendance/admin/manage_employee.php file. The CVSS score of 2.7 reflects limited impact (confidentiality only, no integrity or availability loss) and high authentication barriers (administrator role required). No public exploit code or active exploitation has been confirmed.
SQL injection in SourceCodester Online Employees Work From Home Attendance System v1.0 allows high-privilege authenticated attackers to execute arbitrary SQL queries via the /wfh_attendance/admin/attendance_list.php endpoint, enabling unauthorized data disclosure with low confidentiality impact. The vulnerability requires administrator-level access and carries minimal real-world risk due to high privilege requirements and low exploitability (SSVC exploitation status: none), though it represents a defense-in-depth failure in an administrative function.
SQL injection in SourceCodester Patient Appointment Scheduler System v1.0 allows authenticated high-privilege users to read sensitive database information via the /scheduler/admin/appointments/view_details.php endpoint. The vulnerability requires administrative credentials and network access but carries low real-world risk due to restrictive authentication requirements (PR:H), limited scope of impact (confidentiality only), and CVSS score of 2.7. No public exploit code or active exploitation has been identified.
SQL injection in SourceCodester Patient Appointment Scheduler System v1.0 allows authenticated high-privilege administrators to read sensitive data through the /scheduler/admin/appointments/manage_appointment.php endpoint. The vulnerability requires administrative credentials and does not enable data modification or denial of service, limiting real-world impact despite network-accessible exposure. CVSS score of 2.7 reflects the high authentication barrier and confidentiality-only impact; CISA SSVC framework rates exploitation as 'none' with no automatable attack path.
SQL injection in SourceCodester Patient Appointment Scheduler System v1.0 at /scheduler/admin/user/manage_user.php allows high-privilege authenticated attackers to read sensitive data via crafted SQL queries. CVSS score of 2.7 reflects the requirement for high administrative privileges (PR:H), limiting real-world impact. SSVC framework confirms no known active exploitation, non-automatable attack, and partial technical impact (confidentiality only). This is a low-severity vulnerability constrained by authentication requirements despite the presence of a SQL injection flaw.
Open redirect vulnerability in Fortinet FortiNAC-F allows authenticated system administrators to redirect users to arbitrary websites through crafted CSV file uploads. Affects FortiNAC-F 7.6.0-7.6.5, all 7.4.x, and all 7.2.x versions. The attack requires high privilege level (system administrator role) and user interaction (UI:R), resulting in low real-world impact despite network-accessible attack vector. No public exploit code or active exploitation confirmed.
ColdFusion versions 2023.18, 2025.6, and earlier are vulnerable to uncontrolled resource consumption that allows high-privileged attackers to trigger application denial-of-service by exhausting system resources without user interaction. This is a low-severity issue (CVSS 2.4) affecting only authenticated administrators, with no public exploit code or active exploitation reported.
ColdFusion versions 2023.18, 2025.6 and earlier are vulnerable to uncontrolled resource consumption that allows high-privileged attackers to trigger denial-of-service by exhausting system resources without user interaction. The CVSS score of 2.4 reflects low severity due to the high-privilege requirement (PR:H), though the attack vector is adjacent network access and does not require authentication once the attacker has elevated privileges.
Schneider Electric PowerChute™ Serial Shutdown versions 1.4 and prior expose confidential information through log file insertion when a Web Admin user executes a malicious file supplied by an attacker. The vulnerability (CWE-532) results in low confidentiality impact with local access required and user interaction; no public exploit code or active exploitation has been identified, and the overall CVSS score of 2.4 reflects limited real-world risk despite information disclosure classification.
SAP Landscape Transformation allows high-privileged remote attackers to inject arbitrary ABAP code and operating system commands through an RFC-exposed function module, resulting in limited integrity impact where attackers cannot control the scope or extent of modifications. The attack requires high privileges, high complexity, and user interaction, reflected in a CVSS 2.0 score; no public exploit code or active exploitation has been identified.
Denial of service in giskard-checks RegexMatching check via unguarded regex pattern matching allows local attackers with write access to check definitions to trigger catastrophic backtracking in Python's re.search() function, causing process hangs and disrupting CI/CD pipelines or automated test execution.