PT-2025-48304

Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity...

PT-2025-48310

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

PT-2025-48306

Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS file management module, which can be exploited by an attacker to compromise service...

CVE-2025-13555

A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument studno results in sql injection. The attack can be initiated remotely. The exploit is now public an...

EUVD-2025-198575

A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing manipulation of the argument studno results in sql injection. The attack can be initiated remotely. The exploit is now public and...

CVE-2025-13555

A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument studno results in sql injection. The attack can be initiated remotely. The exploit is now public an...

CVE-2025-13555

The CVE-2025-13555 affects Campcodes School File Management System 1.0, specifically the Login component’s /index.php where manipulating the stud_no parameter enables SQL injection. The root cause is an injectable query in the affected file that can be exploited remotely; public exploits exist. M...

CVE-2025-13555 Campcodes School File Management System Login index.php sql injection

A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument studno results in sql injection. The attack can be initiated remotely. The exploit is now public an...

PT-2025-47847

Name of the Vulnerable Software and Affected Versions Campcodes School File Management System version 1.0 Description A flaw exists in Campcodes School File Management System that allows for SQL injection. The issue is located within the Login component, specifically in the /index.php file...

CampCodes School File Management System SQL注入漏洞

CampCodes School File Management System is a school file management system from CampCodes Philippines. A SQL injection vulnerability exists in Campcodes School File Management System version 1.0, which stems from the incorrect operation of the parameter studentno in the file /index.php, which may...

CVE-2025-13485

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-13485

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-13485

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-13485

CVE-2025-13485 affects itsourcecode Online File Management System 1.0. The vulnerability is a SQL injection caused by improper handling of the Username argument in /ajax.php?action=login, which can be exploited remotely. Multiple connected sources confirm exploitation has been released publicly. ...

CVE-2025-13485 itsourcecode Online File Management System ajax.php sql injection

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

itsourcecode Online File Management System SQL注入漏洞

itsourcecode Online File Management System is a itsourcecode open source online file management system. A SQL injection vulnerability exists in itsourcecode Online File Management System version 1.0, which originates from a misuse of the parameter Username in file/ajax.php?action=login, which cou...

QNAP File Station 5 Unlimited or Unthrottled Resource Allocation Vulnerability (CNVD-2025-30284)

QNAP File Station 5 is a core file management application developed by Qualcomm Technologies QNAP for its networked storage NAS devices. QNAP File Station 5 suffers from an Unlimited Resource Allocation or Throttling vulnerability, which can be exploited by an attacker to prevent other systems,...

CVE-2025-12873

A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/updateuser.php. Performing manipulation of the argument userid results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...

CVE-2025-12873

A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/updateuser.php. Performing manipulation of the argument userid results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to th...