140 matches found
CVE-2025-15148
A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetempaction in the library /lib/admin/templateadmin.php of the component Backend Template Management Page. Executing a manipulation of the argument content/tempdata can lead to code injection. The attack may be launched...
CVE-2025-15148
CmsEasy up to 7.7.7 is affected by a code-injection flaw in the savetemp_action function of /lib/admin/template_admin.php in the Backend Template Management Page. Manipulating the content/tempdata argument can enable remote code execution, and an exploit has been published. The vendor has not res...
EUVD-2025-203122
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been publishe...
PT-2025-50963
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0, specifically within the file /view admin.php. Manipulation of the admin id argument can lea...
CVE-2025-13623 Twitscription <= 0.1.1 - Reflected Cross-Site Scripting via admin.php PATH_INFO
The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admin.php PATHINFO in all versions up to, and including, 0.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
rConfig RCE (CVE-2020-10221)
The version of rConfig installed on the remote host is affected by a remote code executionvulnerability, as follows: - The flaw exists due to insufficient input validation in the userAdmin.inc.php component, which allows an unauthenticated attacker to upload arbitrary files to the server. By...
CVE-2025-13572
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...
CVE-2025-13576
A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...
CVE-2025-13576 code-projects Blog Site admin.php improper authorization
A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...
PT-2025-47870
A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...
CVE-2025-13572 projectworlds Advanced Library Management System delete_admin.php sql injection
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...
PT-2025-47866
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0, specifically within the /delete admin.php file. Manipulation of the admin id argument can...
CVE-2025-12332
A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...
CVE-2025-12332 SourceCodester Student Grades Management System admin.php delete_user cross site scripting
A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function deleteuser of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...
CVE-2025-11425
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...
CVE-2025-11425 projectworlds Advanced Library Management System edit_admin.php cross site scripting
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...
CVE-2025-11425 projectworlds Advanced Library Management System edit_admin.php cross site scripting
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /editadmin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...
CVE-2025-11425
CVE-2025-11425 affects projectworlds Advanced Library Management System 1.0, with an XSS vulnerability in the /edit_admin.php handling of the firstname parameter. The issue is exploitable remotely and has publicly available exploits. Other parameters may be affected as well. Authored/verified rep...
PT-2025-41290
Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A security issue exists in SourceCodester Student Grades Management System. The add user function within the /admin.php file, specifically in the Manage Users Page...
EUVD-2006-0989
Malware in sbrugna...