PT-2026-40625

Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'sortby' parameter. Attackers can send POST requests to the administrator index with malicious 'sortby' values to extract...

EUVD-2025-30780

Malicious code in bioql PyPI...

Online Bidding System index.php File SQL Injection Vulnerability

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aduser in the file /administrator/index.php. An attacker can exploit this...

CVE-2025-10791

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

CVE-2025-10791

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

CVE-2025-10791

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

CVE-2025-10791 code-projects Online Bidding System index.php sql injection

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

CVE-2025-10791 code-projects Online Bidding System index.php sql injection

A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available t...

Code-Projects Online Bidding System SQL注入漏洞

Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter aduser in the file /administrator/index.php. An attacker can exploit this...

PT-2025-38701

Name of the Vulnerable Software and Affected Versions code-projects Online Bidding System version 1.0 Description A flaw exists in code-projects Online Bidding System 1.0 that allows for SQL injection. The issue is located in the file '/administrator/index.php' and involves manipulation of the...

code-projects Online Shoe Store 安全漏洞

Online Shoe Store is an online shoe store system. Online Shoe Store has an Improper Access Control vulnerability that stems from multiple parameters in the /admin/index.php page containing an improper access control vulnerability. No details of the vulnerability are available at this time...

Joomla! Realtyna RPL (com_rpl) SQL Injection Vulnerability

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features.Realtyna RPL comrpl component is one of the real estate information component. A SQL injection vulnerability exists in...

JE CMS 1.0.0 - Bypass Authentication by SQL Injection Vulnerability

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-28-je-cms-1-0-0-bypass-authentication-by-sql-injection-vulnerability/ ''' Title : JE CMS 1.0.0 Bypass...

CVE-2010-5042

Cross-site scripting XSS vulnerability in the DJ-ArtGallery comdjartgallery component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party...

Sql injection

SQL injection vulnerability in models/log.php in the Search Log comsearchlog component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these...