25 matches found

NVD
added 2026/01/08 5:15 p.m. · 5 views

CVE-2025-61549

Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/regdisplay.asp endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). Unsanitized user input is reflected in HTTP responses without proper HTML encoding or escaping. This allows...

6.1 CVSS · 0.00209 EPSS
Exploits 2 · References 1

Cvelist
added 2026/01/08 12:0 a.m. · 23 views

CVE-2025-61549

Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/regdisplay.asp endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). Unsanitized user input is reflected in HTTP responses without proper HTML encoding or escaping. This allows...

0.00209 EPSS
Exploits 2 · References 1

RedhatCVE
added 2025/11/26 4:56 p.m. · 6 views

CVE-2025-13422

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/change_s_pwd.php. Performing manipulation of the argument login_id results in SQL injection. The attack may be initiated remotely. The exploit...

9.8 CVSS · 7 AI score · 0.00385 EPSS
Exploits 1 · References 1

CNNVD
added 2025/11/20 12:0 a.m. · 4 views

Sports Club Management System in php SQL Injection Vulnerability

Sports Club Management System in php is a sports club management system by Darkseid Personal Developer. A SQL injection vulnerability exists in Sports Club Management System in php version 1.0, which stems from an incorrect manipulation of the parameter loginid in the file...

9.8 CVSS · 7.7 AI score · 0.00385 EPSS
Exploits 1 · References 5

CVE
added 2025/11/19 11:32 p.m. · 16 views

CVE-2025-13422

CVE-2025-13422 affects freeprojectscodes Sports Club Management System 1.0. The vulnerable element is an unknown function in /dashboard/admin/change_s_pwd.php where manipulating the login_id parameter triggers SQL injection. The vulnerability is remotely exploitable and the exploit is public. Doc...

9.8 CVSS · 6.8 AI score · 0.00385 EPSS
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2025/11/19 11:32 p.m. · 13 views

CVE-2025-13422 freeprojectscodes Sports Club Management System change_s_pwd.php sql injection

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/change_s_pwd.php. Performing manipulation of the argument login_id results in SQL injection. The attack may be initiated remotely. The exploit...

7.5 CVSS · 0.00385 EPSS
Exploits 1 · References 4

Positive Technologies
added 2025/11/19 12:0 a.m. · 6 views

PT-2025-47540

Name of the Vulnerable Software and Affected Versions: freeprojectscodes Sports Club Management System version 1.0 Description: A flaw exists in freeprojectscodes Sports Club Management System 1.0 that allows for SQL injection. The issue is located in an unknown function within the...

7.5 CVSS · 7.5 AI score · 0.00385 EPSS
Exploits 1 · References 7

Packet Storm
added 2025/08/19 12:0 a.m. · 113 views

iDempiere WebUI 12.0.0.202508171158 Session Fixation

iDempiere WebUI version 12.0.0.202508171158 suffers from a session fixation vulnerability. The application does not issue a new session identifier (JSESSIONID) after successful authentication. An attacker who can set or predict a victim’s session ID prior to login may hijack the victim’s...

7.3 AI score
Exploits 0

OSV
added 2025/02/12 7:15 a.m. · 5 views

CVE-2025-1183

A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/admin/more-userprofile.php. The manipulation of the argument loginid leads to SQL injection. The attack can be launche...

9.8 CVSS · 6.5 AI score · 0.00484 EPSS
Exploits 1 · References 4

GithubExploit
added 2024/11/22 2:4 a.m. · 319 views

Exploit for CVE-2024-9441

CVE-2024-9441-POC CVE-2024-9441 is a command injection vulner...

10 CVSS · 8.2 AI score · 0.97136 EPSS
Exploits 18

NVD
added 2024/11/20 6:15 a.m. · 8 views

CVE-2024-52614

Use of hard-coded cryptographic key issue exists in "Kura Sushi Official App Produced by EPARK" for Android versions prior to 3.8.5. If this vulnerability is exploited, a local attacker may obtain the login ID and password for the affected product...

4 CVSS · 0.00152 EPSS
Exploits 0 · References 2

Cvelist
added 2024/11/20 5:12 a.m. · 18 views

CVE-2024-52614

Use of hard-coded cryptographic key issue exists in "Kura Sushi Official App Produced by EPARK" for Android versions prior to 3.8.5. If this vulnerability is exploited, a local attacker may obtain the login ID and password for the affected product...

4 CVSS · 0.00152 EPSS
Exploits 0 · References 2

CNNVD
added 2024/10/02 12:0 a.m. · 3 views

Nortek Control Linear eMerge E3-Series Security Vulnerability

The Nortek Control Linear eMerge E3-Series is an access control from Nortek Control USA. It allows you to specify which doors a person can use to enter and exit a specified location at a specified time. A security vulnerability exists in Nortek Control Linear eMerge E3-Series version 1.00-07 and...

9.8 CVSS · 7.3 AI score · 0.53697 EPSS
Exploits 3 · References 3

Positive Technologies
added 2024/10/02 12:0 a.m. · 6 views

PT-2024-39634 · Linear · Linear Emerge E3-Series

Name of the Vulnerable Software and Affected Versions: Linear eMerge e3-Series versions 1.00-07 Description: The Linear eMerge e3-Series is vulnerable to an OS command injection issue. A remote and unauthenticated attacker can execute arbitrary OS commands via the login id parameter when invoking...

9.8 CVSS · 8.5 AI score · 0.53697 EPSS
Exploits 3 · References 35

CVE
added 2024/08/01 1:18 a.m. · 55 views

CVE-2024-40883

CVE-2024-40883 is a Cross-site request forgery vulnerability in ELECOM wireless LAN routers. The issue occurs when an administrator views a malicious page while logged into affected devices, which may cause unintended actions such as changing login credentials. Connected documents identify affect...

8.8 CVSS · 6.5 AI score · 0.00198 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/03/19 11:15 p.m. · 3 views

CVE-2024-2647

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. The manipulation of the argument loginId leads to SQL injection. The attack may be initiated...

9.8 CVSS · 5.7 AI score · 0.00953 EPSS
Exploits 1 · References 3

CNNVD
added 2024/03/19 12:0 a.m. · 2 views

Netentsec NS-ASG Application Security Gateway SQL Injection Vulnerability

Netentsec NS-ASG Application Security Gateway is an application security gateway from China Netentsec. A SQL injection vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which originates from the parameter loginId in the file /admin/singlelogin.php that can lead to...

9.8 CVSS · 8 AI score · 0.00953 EPSS
Exploits 1 · References 5

OSV
added 2023/12/17 11:15 p.m. · 3 views

CVE-2023-6903

A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file /admin/singlelogin.php?submit=1. The manipulation of the argument loginId leads to SQL injection. It is possible to initiate the attack remotely...

9.8 CVSS · 6.8 AI score · 0.00711 EPSS
Exploits 1 · References 3

Microsoft KB
added 2022/07/19 12:0 a.m. · 8 views

July 19, 2022—KB5015879 (OS Build 20348.859) Preview

July 19, 2022—KB5015879 (OS Build 20348.859) Preview. For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note: Follow @WindowsUpdate to find out...

7.1 AI score
Exploits 0

CNNVD
added 2022/07/01 12:0 a.m. · 3 views

Hospital Management System SQL Injection Vulnerability

Hospital Management System (HMS) is a computer system that helps manage health care-related information and helps health care providers do their jobs efficiently. Hospital Management System v1.0 is vulnerable to a SQL injection vulnerability that originates in the adminlogin. A SQL injection issue...

9.8 CVSS · 5.9 AI score · 0.01254 EPSS
Exploits 1 · References 2