CVE-2025-13485

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-13485

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-13485

CVE-2025-13485 affects itsourcecode Online File Management System 1.0. The vulnerability is a SQL injection caused by improper handling of the Username argument in /ajax.php?action=login, which can be exploited remotely. Multiple connected sources confirm exploitation has been released publicly. ...

CVE-2025-13485 itsourcecode Online File Management System ajax.php sql injection

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit has been...

itsourcecode Online File Management System SQL注入漏洞

itsourcecode Online File Management System is a itsourcecode open source online file management system. A SQL injection vulnerability exists in itsourcecode Online File Management System version 1.0, which originates from a misuse of the parameter Username in file/ajax.php?action=login, which cou...

CVE-2025-10594 SourceCodester Online Student File Management System delete_student.php sql injection

A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletestudent.php. Executing manipulation of the argument studid can lead to sql injection. It is possible to launch the attack remotely...

PT-2025-37775

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection flaw exists due to the manipulation of the firstname argument in the /admin/save user.php file. This manipulation can be carried out remotely. The...

Extplorer Command Injection Vulnerability

eXtplorer is a PHP-based online file management program that supports online browsing of files and folders as well as logging into FTP servers as an FTP client. A command injection vulnerability exists in eXtplorer 2.1.9 and earlier versions. The vulnerability can be exploited to inject commands...