CVE-2024-6949

A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected by this vulnerability is an unknown functionality of the file /pages.php?edit=News. The manipulation leads to path traversal. The attack can be launched remotely. The exploi...

CVE-2024-6901

A vulnerability classified as critical has been found in SourceCodester Record Management System 1.0. Affected is an unknown function of the file entry.php. The manipulation of the argument school leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

CVE-2024-11138

A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlinkadd.php. The manipulation of the argument logoimg leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-13007

A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2024-13084

A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-property.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The...

CVE-2023-0960

A vulnerability was found in SeaCMS 11.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/config.ftp.php of the component Picture Management. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been...

CVE-2023-0530

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/approveuser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely...

CVE-2023-3276

A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...

CVE-2023-6084

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VUID leads to sql injection. The exploit has been disclosed to the public and ma...

CVE-2022-4274

A vulnerability, which was classified as critical, was found in House Rental System. Affected is an unknown function of the file /view-property.php. The manipulation of the argument propertyid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to...

CVE-2022-4015

A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/makepayments.php. The manipulation of the argument mid/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2022-2293

A vulnerability classified as problematic was found in SourceCodester Simple Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cissms/index.php/orders/create. The manipulation of the argument customername with the input leads to cross site...

CVE-2022-2804

A vulnerability was found in SourceCodester Zoo Management System. It has been classified as critical. Affected is an unknown function of the file /pages/applyvacancy.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The...

CVE-2020-36544

A vulnerability has been found in SialWeb CMS and classified as problematic. This vulnerability affects unknown code of the component Search Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-5078

CVE-2025-5078 affects Campcodes Online Shopping Portal 1.0 (PHPGurukul/Campcodes). The /admin/subcategory.php script is vulnerable: manipulation of the Category argument enables SQL injection. Exploitation is remote and PoC/public exploit activity is noted. Remediation status is not provided in t...

CVE-2017-20130

A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/searchproperty.php. The manipulation of the argument propertyfor leads to sql injection. The attack can be...

CVE-2017-20116

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checkedgroupid leads to basic cross site scripting Reflected. It is possible to launch the attack remotely. T...

CVE-2025-5051

CVE-2025-5051 concerns a buffer overflow in FreeFloat FTP Server 1.0, specifically in the BINARY Command Handler. The flaw is exploitable remotely and has been publicly disclosed, with multiple sources describing a critical/high-severity impact. Affected component: BINARY Command Handler within t...

CVE-2025-5011

A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has...

CVE-2025-4892

A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The manipulation of the argument No leads to stack-based buffer...