CVE-2026-9809

A stored Cross-Site Scripting XSS vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views such as campaigns, emails, or forms, user-supplied project names are rendered without proper sanitization. An authenticated user...

CVE-2021-47800

CVE-2021-47800 affects b2evolution 7.2.2 and is a cross-site request forgery (CSRF) that enables attackers to modify admin account details without authentication. The vulnerability arises from forged requests triggering admin-profile changes via a crafted webpage loaded by a victim, enabling mani...

EUVD-2025-203292

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2025-14652

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2025-14652 itsourcecode Online Cake Ordering System admindetail.php sql injection

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVE-2024-10989

A vulnerability classified as critical has been found in code-projects E-Health Care System 1.0. This affects an unknown part of the file /Admin/detail.php. The manipulation of the argument sid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...

code-projects E-Health Care System 注入漏洞

Code-Projects E-Health Care System is an e-health care system from Code-Projects open source. An injection vulnerability exists in code-projects E-Health Care System version 1.0, which stems from the parameter sid in the file /Admin/detail.php that can lead to SQL injection...

PT-2024-16681 · Unknown · Code-Projects E-Health Care System

Name of the Vulnerable Software and Affected Versions: code-projects E-Health Care System version 1.0 Description: A critical issue has been found in the code-projects E-Health Care System, affecting an unknown part of the file /Admin/detail.php. The manipulation of the s id argument leads to SQL...

DeepSync Sundray WLAN Controller Command Injection Vulnerability

Sundray WLAN Controller Sundray WAC is a set of wireless LAN controller software from China Sundray Network Technology Sundray. A security vulnerability exists in Sundray WAC 3.7.4.2 and previous versions of WAC. The vulnerability can be exploited by a remote attacker to read the...