CVE-2026-28516 openDCIM <= 23.04 SQL Injection in Config::UpdateParameter

openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::UpdateParameter. The install.php and container-install.php handlers pass user-supplied input directly into SQL statements using string interpolation without prepared statements or proper input...

EUVD-2018-13116

Malware in sbrugna...

CVE-2025-9402 HuangDou UTCMS Config update.php server-side request forgery

A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carri...

PT-2025-34583 · Unknown · Huangdou Utcms Version 9

Name of the Vulnerable Software and Affected Versions: HuangDou UTCMS version 9 Description: A server-side request forgery issue exists due to manipulation of the UPDATEURL argument within the app/modules/ut-frame/admin/update.php file of the Config Handler component. This allows for remote...

PT-2025-23172 · Freescout · Freescout

Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.178 Description: The issue is related to insufficient validation of user input in the php path parameter, allowing code injection. This occurs because backticks characters and tabulation are not removed from us...

School-Management-System SQL Injection Vulnerability

School-Management-System is a school management system by the individual developer Lahiru Danushka. A SQL injection vulnerability exists in School-Management-System version 1.0.0, 1.0.1, which stems from an incorrect operation of the parameter update that can lead to sql injection...

School-Management-System SQL Injection Vulnerability

School-Management-System is a school management system by the individual developer Lahiru Danushka. A SQL injection vulnerability exists in School-Management-System version 1.0.0, 1.0.1, which stems from an incorrect operation of the parameter update that can lead to sql injection...

CVE-2023-52812

In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In SR-IOV environment, the value of pcietable-numoflinklevels will be 0, and numoflevels - 1 will cause array index out of bounds...

PT-2023-4236 · Unknown · Rtu500 Series

Name of the Vulnerable Software and Affected Versions: RTU500 series product affected versions not specified Description: A vulnerability exists in the HCI IEC 60870-5-104 function, which can be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-3. After the session...

SUSE-SU-2019:2219-1 Security update for ardana-ansible, ardana-db, ardana-freezer, ardana-glance, ardana-input-model, ardana-nova, ardana-osconfig, ardana-tempest, caasp-openstack-heat-templates, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, documentation-suse-openstack-cloud, galera-python-clustercheck, openstack-cinder, openstack-glance, openstack-heat, openstack-horizon-plugin-monasca-ui, openstack-horizon-plugin-neutron-fwaas-ui, openstack-ironic, openstack-keystone, openstack-manila, openstack-monasca-agent, openstack-monasca-api, openstack-monasca-persister, openstack-monasca-persister-java, openstack-murano, openstack-neutron, openstack-neutron-gbp, openstack-neutron-lbaas, openstack-nova, openstack-octavia, python-Beaver, python-oslo.db, python-osprofiler, python-swiftlm, venv-openstack-magnum, venv-openstack-monasca, venv-openstack-monasca-ceilometer, venv-openstack-murano, venv-openstack-neutron

This update for ardana-ansible, ardana-db, ardana-freezer, ardana-glance, ardana-input-model, ardana-nova, ardana-osconfig, ardana-tempest, caasp-openstack-heat-templates, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, documentation-suse-openstack-cloud, galera-python-clustercheck,...