Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2023-3007

    A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulation of the argum... Read more

    • Published: May. 31, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3149

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is pos... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3145

    A vulnerability, which was classified as critical, has been found in SourceCodester Online Discussion Forum Site 1.0. Affected by this issue is some unknown functionality of the file classes\Users.php?f=registration. The manipulation of the argument usern... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3146

    A vulnerability, which was classified as critical, was found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\categories\manage_category.php. The manipulation of the argument id leads to sql injection. It ... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-31295

    An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.... Read more

    • Published: Jun. 16, 2022
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2023-3143

    A vulnerability classified as problematic has been found in SourceCodester Online Discussion Forum Site 1.0. Affected is an unknown function of the file admin\posts\manage_post.php. The manipulation of the argument content leads to cross site scripting. I... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3147

    A vulnerability has been found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin\categories\view_category.php. The manipulation of the argument id leads to sql injectio... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3148

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0 and classified as critical. This issue affects some unknown processing of the file admin\posts\manage_post.php. The manipulation of the argument id leads to sql injection. The at... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 9.8

    CRITICAL
    CVE-2020-23935

    Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".... Read more

    • Published: Aug. 20, 2020
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2022-29309

    mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.... Read more

    Affected Products : mysiteforme mysiteforme
    • Published: May. 24, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3151

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file user\manage_user.php. The manipulation of the argument id leads to sql injection.... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 7.2

    HIGH
    CVE-2022-31911

    Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team.... Read more

    • Published: Jun. 16, 2022
    • Modified: Apr. 22, 2025

  • 6.5

    MEDIUM
    CVE-2022-31294

    An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.... Read more

    • Published: Jun. 16, 2022
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3152

    A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\view_post.php. The manipulation leads to sql injection. It is possible to initiate the attack re... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 6.5

    MEDIUM
    CVE-2021-46027

    mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the background blog management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, a blog tag will be added... Read more

    Affected Products : mysiteforme mysiteforme
    • Published: Jan. 19, 2022
    • Modified: Apr. 22, 2025

  • 10.0

    HIGH
    CVE-2013-4813

    The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.... Read more

    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 7.5

    HIGH
    CVE-2013-4809

    Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter.... Read more

    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 8.8

    HIGH
    CVE-2023-3150

    A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file posts\manage_post.php. The manipulation of the argument id leads to sql ... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 5.4

    MEDIUM
    CVE-2023-3144

    A vulnerability classified as problematic was found in SourceCodester Online Discussion Forum Site 1.0. Affected by this vulnerability is an unknown functionality of the file admin\posts\manage_post.php. The manipulation of the argument title leads to cro... Read more

    • Published: Jun. 07, 2023
    • Modified: Apr. 22, 2025

  • 6.1

    MEDIUM
    CVE-2024-25854

    Cross Site Scripting (XSS) vulnerability in Sourcecodester Insurance Management System 1.0 allows attackers to run arbitrary code via the Subject and Description fields when submitting a support ticket.... Read more

    Affected Products : insurance_management_system
    • Published: Mar. 11, 2024
    • Modified: Apr. 22, 2025
Showing 20 of 293507 Results