7 matches found
EUVD-2025-198056
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
SourceCodester Online Hotel Reservation System Code Issue Vulnerability
SourceCodester Online Hotel Reservation System is a SourceCodester open source online hotel system. A code issue vulnerability exists in SourceCodester Online Hotel Reservation System version 1.0, which stems from an unrestricted file double-penetration vulnerability in the image parameter of the...
Cache Poisoning
ezsystems/ezplatform is vulnerable to cache poisoning. The vulnerability is due to the inability to prevent front-controller script inclusion in URLs when using eZ Platform Cloud or within the .platform.app.yaml configuration file. It allows an attacker to manipulate the cache and potentially ser...
GHSA-QHJC-HG94-245V eZ Platform Prevent accepting app.php in URL in Platform.sh
The recommended rewrite rules in eZ Platform prevent users from including the front-controller script (normally "app.php") in URLs. This prevents certain vulnerabilities related to caching. However, this is not possible when using eZ Platform Cloud, i.e. running eZ Platform on the Platform.sh cloud...
ISIC SQL Injection Vulnerability
ISIC is a website backend by the individual developer asith-eranga. A security vulnerability exists in ISIC tour booking that stems from the presence of SQL injection, which allows attackers to execute arbitrary commands via the username parameter in /system/user/modules/modusers/controller.php...
OpenEMR Cross-Site Scripting Vulnerability (CNVD-2019-28408)
OpenEMR is a medical practice management software that also supports electronic medical records (EMR). A cross-site scripting vulnerability in the docid parameter in controller.php in OpenEMR 5.0.1 and earlier versions can be exploited by an attacker to execute arbitrary code in the context of a us...
BTGrup.txt
Description : A web controller script. Site : http://www.btgrup.com Username : 'or''=' Password : 'or''=' Thanx : My Friends b3g0k and KHC memberz Freedom For Ocalan...