CVE-2025-0348

A vulnerability was found in CampCodes DepEd Equipment Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /data/add_employee.php. The manipulation of the argument data leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

This Cyber News was published on www.tenable.com. Publication date: Fri, 10 Jan 2025 10:56:02 +0000

Cyber News related to CVE-2025-0348

Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
11 months ago Bleepingcomputer.com

CVE-2025-0348 - A vulnerability was found in CampCodes DepEd Equipment Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /data/add_employee.php. The manipulation of the argument data leads to cross site ...
1 day ago Tenable.com

CVE-2022-0348 - Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2. ...
2 years ago

CVE-2000-0348 - A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges. ...
16 years ago

CVE-2010-0348 - Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors. ...
13 years ago

CVE-2008-0348 - Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04. ...
12 years ago

CVE-2014-0348 - The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to ...
10 years ago

CVE-2002-0348 - service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. ...
8 years ago

CVE-2017-0348 - All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. ...
7 years ago

CVE-2004-0348 - SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter. ...
7 years ago

CVE-2005-0348 - Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag. ...
7 years ago

CVE-2006-0348 - Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are ...
7 years ago

CVE-2009-0348 - The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid ...
7 years ago

CVE-2011-0348 - Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass ...
7 years ago

CVE-2016-0348 - Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813. ...
6 years ago

CVE-1999-0348 - IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. ...
6 years ago

CVE-2001-0348 - Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace. ...
6 years ago

CVE-2003-0348 - A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. ...
6 years ago

CVE-2007-0348 - Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ...
6 years ago

CVE-2015-0348 - Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors. ...
6 years ago

CVE-2019-0348 - SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted. ...
4 years ago

CVE-2020-0348 - In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: ...
4 years ago

CVE-2021-0348 - In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: ...
3 years ago

CVE-2013-0348 - thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file. ...
1 year ago

CVE-2018-0348 - A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could ...
4 years ago

Latest Cyber News

CVE-2024-13183 - 6 hours ago
CVE-2025-0103 - 6 hours ago
CVE-2024-52875 - 6 hours ago
CVE-2025-0311 - 7 hours ago
CVE-2024-12606 - 10 hours ago
CVE-2024-12473 - 10 hours ago
CVE-2024-56377 - 15 hours ago
CVE-2025-21380 - 15 hours ago
CVE-2024-56376 - 15 hours ago
CVE-2024-51229 - 16 hours ago
CVE-2025-21385 - 16 hours ago
CVE-2024-46464 - 16 hours ago
CVE-2023-28354 - 16 hours ago
CVE-2024-13312 - 17 hours ago
CVE-2024-48806 - 17 hours ago
CVE-2024-55224 - 17 hours ago
CVE-2024-55225 - 17 hours ago
CVE-2024-55226 - 17 hours ago
CVE-2024-13301 - 17 hours ago
CVE-2024-13302 - 17 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-43096 - 1 day ago
CVE-2024-43770 - 1 day ago
CVE-2024-43771 - 1 day ago
CVE-2024-49747 - 1 day ago
CVE-2024-49748 - 1 day ago
CVE-2024-12802 - 1 day ago
CVE-2024-13153 - 1 day ago
CVE-2025-0345 - 1 day ago
CVE-2025-0346 - 1 day ago
CVE-2025-0347 - 1 day ago
CVE-2025-0348 - 1 day ago
CVE-2024-11328 - 1 day ago
CVE-2024-11642 - 1 day ago
CVE-2024-11686 - 1 day ago
CVE-2024-11815 - 1 day ago
CVE-2024-11907 - 1 day ago
CVE-2024-11929 - 1 day ago
CVE-2024-12067 - 1 day ago
CVE-2024-12122 - 1 day ago
CVE-2024-12206 - 1 day ago