230 matches found
EUVD-2022-53220
Malicious code in bioql PyPI...
EUVD-2022-33615
Malicious code in bioql PyPI...
EUVD-2023-46088
Malicious code in bioql PyPI...
EUVD-2025-31707
Malicious code in bioql PyPI...
EUVD-2025-11541
Malicious code in bioql PyPI...
CVE-2025-8877 AffiliateWP <= 2.28.2 - Unauthenticated SQL Injection
The AffiliateWP plugin for WordPress is vulnerable to SQL Injection via the ajaxgetaffiliateidfromlogin function in all versions up to, and including, 2.28.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress plugin AffiliateWP SQL Injection Vulnerability
The WordPress AffiliateWP plugin is an affiliate marketing plugin designed for the WordPress platform, mainly used to help users quickly build an affiliate program, track referrals, pay commissions and perform other functions. The WordPress AffiliateWP plugin suffers from a SQL injection vulnerability that stems fr...
CVE-2025-57119
An issue in Online Library Management System v.3.0 allows an attacker to escalate privileges via the adminlogin.php component and the Login function...
Online Library Management System adminlogin.php Component Elevation of Privilege Vulnerability
Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in the Online Library Management System, which is caused by a flaw in the adminlogin.php component and the Login function, and can be exploited by an attacker to cause an...
PT-2025-37985
Name of the Vulnerable Software and Affected Versions: Online Library Management System version 3.0. Description: An issue allows an attacker to escalate privileges via the adminlogin.php component and the Login function. Recommendations: Apply updates to address the issue in version 3.0. As a...
PHPGurukul Online Library Management System Security Vulnerability
Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in the Online Library Management System, which is caused by a flaw in the adminlogin.php component and the Login function, and can be exploited by an attacker to cause an...
CVE-2025-57119
CVE-2025-57119 affects Online Library Management System v3.0. The vulnerability is a privilege-escalation flaw in the adminlogin.php component via the Login() function. Impact is indicated as high (CVSS 9.8, CRITICAL). Remediation information present in connected documents suggests applying updat...
CVE-2025-10100 SourceCodester Simple Forum Discussion System admin_class.php SQL injection
A vulnerability was detected in SourceCodester Simple Forum Discussion System 1.0. This impacts an unknown function of the file /admin_class.php?action=login. Performing manipulation of the argument Username results in SQL injection. It is possible to initiate the attack remotely. The exploit is n...
CVE-2025-9757
A vulnerability was determined in Campcodes/SourceCodester Courier Management System 1.0. Affected is the function Login of the file /ajax.php. This manipulation of the argument email causes SQL injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed...
CVE-2025-51092
The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn and signUp build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareDat...
Improper Authentication
Overview: Affected versions of this package are vulnerable to Improper Authentication via the Login function in the api/login.go file. An attacker can gain unauthorized access by submitting any 6-digit code during the two-factor authentication process. Remediation: Upgrade...
CVE-2025-8741 macrozheng mall login cleartext transmission
A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The...