28 matches found
CVE-2025-13254
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
EUVD-2025-197738
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
CVE-2025-13254
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
CVE-2025-13254 projectworlds Advanced Library Management System add_member.php sql injection
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
CVE-2025-13254 projectworlds Advanced Library Management System add_member.php sql injection
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
CVE-2025-13254
CVE-2025-13254 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the unknown code path of /add_member.php where manipulation of the roll_number parameter enables SQL injection. Exploitation may be remote and public exploitation is indicated by the sources. The ...
Projectworlds Advanced Library Management System SQL注入漏洞
Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from incorrect manipulation of the parameter rollnumber in the file...
PT-2025-47101
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /add member.php. Such manipulation of the argument roll number leads to sql injection. The attack may be performed from remote. The exploit is publicly...
EUVD-2010-5056
Malware in sbrugna...
CVE-2023-39714
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section...
Badaso 跨站脚本漏洞
Badaso is an open source Laravel Vue headless CMS from Uasoft Open Source. A cross-site scripting vulnerability exists in Badaso versions v.0.0.1 through v.2.9.7, which stems from a vulnerability that allows remote attackers to execute arbitrary code via a crafted payload on the Name of membe...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
Inventory Management System 跨站脚本漏洞
Inventory Management System is an inventory management system from the individual developers of stemword. A security vulnerability exists in Free and Open Source Inventory Management System v1.0 that could allow an attacker to execute arbitrary web script or HTML by injecting a crafted payload in...
CVE-2020-21141
iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery CSRF via /admincp.php?app=members&do=add...
CVE-2020-18265
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=actaddmember"...
YzmCMS YzmCMS 跨站请求伪造漏洞
YzmCMS is a lightweight open source content management system based on PHP+Mysql architecture developed by Yuan Zhimeng alone. YzmCMS 5.8 version of the existence of cross-site request forgery vulnerability, the attacker can be member/member/add.html through the use of this vulnerability to add...