Michaelchong

#11696of 53,632
23.5Total CVSS
Vulnerabilities · 3
Medium
1
High
1
Critical
1
PT-2026-47152
6.5
2026-06-06
Jinher · Jinher Oa C6 · CVE-2026-11412
**Name of the Vulnerable Software and Affected Versions** Jinher OA C6 (affected versions not specified) **Description** A SQL injection flaw exists in the file '/C6/JHSoft.Web.ModuleCount/GetFormSn.aspx'. A remote attacker can exploit this by manipulating the `queryID` argument. SQL injection is a technique where an attacker inserts malicious SQL code into a query, allowing them to interfere with the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-18963
9.8
2025-05-04
Unknown · Phpgurukul E-Diary Management System · CVE-2025-4249
**Name of the Vulnerable Software and Affected Versions** PHPGurukul e-Diary Management System version 1.0 **Description** A critical vulnerability was found in the PHPGurukul e-Diary Management System, affecting some unknown functionality of the file /manage-categories.php. The manipulation of the `ID` argument leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the functionality related to the /manage-categories.php file until a patch is available. Restrict access to the `ID` argument in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-18012
7.2
2025-04-27
Unknown · Amtt Hotel Broadband Operation System · CVE-2025-3983
**Name of the Vulnerable Software and Affected Versions** AMTT Hotel Broadband Operation System version 1.0 **Description** A critical issue has been found in the system, affecting an unknown functionality of the file /manager/system/nlog down.php. The manipulation of the `ProtocolType` argument leads to command injection. This issue can be exploited remotely. Other parameters might also be affected. **Recommendations** For AMTT Hotel Broadband Operation System version 1.0, as a temporary workaround, consider restricting access to the /manager/system/nlog down.php file until a patch is available. Avoid using the `ProtocolType` argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.