175 matches found
EUVD-2009-4756
Malware in sbrugna...
EUVD-2020-2876
Malware in sbrugna...
Code-Projects Online Hotel Reservation System 代码问题漏洞
Online Hotel Reservation System is an online hotel reservation system. Online Hotel Reservation System suffers from an arbitrary file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /admin/addgalleryexec.php. No details of the...
EUVD-2025-26236
Malicious code in bioql PyPI...
EUVD-2022-2141
Malicious code in bioql PyPI...
EUVD-2021-30935
Malicious code in bioql PyPI...
EUVD-2023-28114
Malicious code in bioql PyPI...
EUVD-2025-6449
Malicious code in bioql PyPI...
EUVD-2021-32771
Malicious code in bioql PyPI...
EUVD-2023-57019
Malicious code in bioql PyPI...
EUVD-2025-5563
Malicious code in bioql PyPI...
EUVD-2022-39484
Malicious code in bioql PyPI...
EUVD-2022-38922
Malicious code in bioql PyPI...
EUVD-2025-11868
Malicious code in bioql PyPI...
CVE-2025-0616
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel allows SQL Injection. This issue affects B2B - Netsis Panel: through 20251003. NOTE: The vendor was contacted early...
GHSA-4C44-R8RM-3P39 Mangati NovoSGA XSS vulnerability in /admin
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...
CVE-2025-10807
A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation of the argument editid results in sql injection. The attack may be launched remotely. The exploit...
CVE-2025-10431
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajaxrepresent.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public...
CVE-2025-10098
PHPGurukul User Management System 1.0 has a SQL injection in /admin/edit-user-profile.php when the uid argument is manipulated. The vulnerability is exploitable remotely, and public exploits have been released. The CVE is corroborated across NVD and other feeds (Red Hat, CVE List, PT Security) wi...
CVE-2025-53363 Dpanel has an arbitrary file read vulnerability
dpanel is an open source server management panel written in Go. In versions 1.2.0 through 1.7.2, dpanel allows authenticated users to read arbitrary files from the server via the /api/app/compose/get-from-uri API endpoint. The vulnerability exists in the GetFromUri function in...