12 matches found
MiniCMS Authorization Issue Vulnerability
MiniCMS is a mini content management system designed for personal websites by the individual developer of Dada bg5sbk. An authorization issue vulnerability exists in MiniCMS 1.8 and earlier versions, which stems from incorrect operation of the file /minicms/mc-admin/post.php of the component Tras...
EUVD-2025-198580
A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed a...
PT-2025-34728 · Unknown · 1000Projects Online Project Report Submission/Evaluation System
Name of the Vulnerable Software and Affected Versions: 1000projects Online Project Report Submission and Evaluation System version 1.0 Description: A security flaw exists in 1000projects Online Project Report Submission and Evaluation System version 1.0. The manipulation of the address argument i...
CVE-2025-9150
An SQL injection vulnerability exists in Surbowl dormitory-management-php (up to commit 9f1d9d1f528cabffc66fda3652c56ff327fda317) via manipulation of the id parameter in /admin/violation_add.php. It can be exploited remotely, and an exploit is publicly available. Rolling release means version inf...
CVE-2023-1441
A vulnerability has been found in SourceCodester Automatic Question Paper Generator System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/courses/viewcourse.php of the component GET Parameter Handler. The manipulation of the argument i...
Complete Online Beauty Parlor Management System /forgot-password.php File SQL Injection Vulnerability
Complete Online Beauty Parlor Management System is an online beauty parlor management system. The Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the email parameter of the...
CVE-2023-26956
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code...
Simple Cold Storage Management System SQL Injection Vulnerability
Sourcecodester Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or prospects with an easily accessible platform to learn about their company. A SQL injection vulnerability exists in Simple Cold Storage Management...
CSCMS Music Portal System SQL Injection Vulnerability
CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the lack of validation of the id parameter of /admin.php/pic/admin/type/hy against...
CVE-2022-28437
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3...
CVE-2022-27477
Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at /admin/goods/edit...
HelpDEZk Cross-Site Request Forgery Vulnerability
HelpDEZk is a suite of PHP-based software for managing requests, events. A cross-site request forgery vulnerability exists in admin/home/person/ in HelpDEZk. It allows remote attackers to construct malicious URIs and trick users into parsing them, which can be used to perform malicious actions an...