CVE-2026-10876

CVE-2026-10876 affects SourceCodester Ship Ferry Ticket Reservation System 1.0. The vulnerability is described as an improper authorization due to manipulation of an argument on an endpoint under /admin/, with the affected function being unknown. It allows remote exploitation and the exploit has ...

Personnel Property Equipment System 安全漏洞

Personnel Property Equipment System is a personnel property equipment management system developed by Jon Remus Sevellejo. Version 1.0 of Personnel Property Equipment System has a security vulnerability, which stems from an SQL injection vulnerability in the /ppes/admin/advancesearch.php file...

Bematech MP-4200 TH 跨站脚本漏洞

The Bematech MP-4200 TH is a thermal receipt printer produced by the British company Bematech. The Bematech MP-4200 TH has a cross-site scripting vulnerability. This vulnerability stems from a cross-site scripting vulnerability present in the administrator configuration page, which may allow...

Bematech MP-4200 TH 资源管理错误漏洞

The Bematech MP-4200 TH is a thermal receipt printer produced by the British company Bematech. The Bematech MP-4200 TH has a resource management vulnerability, which stems from improper handling of the admin and person parameters on the administrator configuration page. This vulnerability may lea...

CVE-2025-60854

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

D-Link R15 安全漏洞

D-Link R15 is a wireless router from China AUO D-Link. A security vulnerability exists in the D-Link R15 that originates from the incorrect operation of the model name parameter during a password change request in the web administrator page, which could lead to command injection...

EUVD-2019-18444

Malware in sbrugna...

EUVD-2018-1870

Malware in sbrugna...

EUVD-2006-1231

Malware in sbrugna...

EUVD-2022-50378

Malicious code in bioql PyPI...

EUVD-2023-27444

Malicious code in bioql PyPI...

CVE-2022-29666

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan...

CVE-2010-1293

Cross-site scripting XSS vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2342

Cross-site scripting XSS vulnerability in admin.php aka the login page in Content Management Made Easy CMME before 1.22 allows remote attackers to inject arbitrary web script or HTML via the username field...

CVE-2024-3253

A vulnerability classified as critical was found in SourceCodester Internship Portal Management System 1.0. This vulnerability affects unknown code of the file admin/addadmin.php. The manipulation of the argument name/username/password leads to sql injection. The attack can be initiated remotely...

Online College Library System SQL Injection Vulnerability

Online College Library System is an online college library system. A SQL injection vulnerability exists in Online College Library System version 1.0, which originates from a security issue in the /admin/bookadd.php page...

CVE-2023-23344

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

CVE-2023-23344

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

Code injection

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...

CVE-2023-23344 HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...