139 matches found
PT-2025-45467
Name of the Vulnerable Software and Affected Versions projectworlds Online Notes Sharing Platform version 1.0 Description A flaw exists in projectworlds Online Notes Sharing Platform that allows for unrestricted file uploads. This issue is related to the manipulation of the image argument within...
EUVD-2025-36230
A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. The impacted element is an unknown function of the file admin-profile.php. Executing manipulation of the argument adminname/email can lead to cross site scripting. The attack may be launched remotely. The exploit has been...
CVE-2025-11595
A vulnerability was found in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /admin-profile.php. Performing a manipulation of the argument mobilenumber results in sql injection. Remote exploitation of the attack is possible. The exploit has be...
PT-2025-41691
Name of the Vulnerable Software and Affected Versions code-projects Client Details System version 1.0 Description A flaw exists in code-projects Client Details System version 1.0 that allows for remote code execution. The issue is located in the file /admin/update-profile.php and involves...
EUVD-2002-0290
Malware in sbrugna...
SourceCodester Hotel and Lodge Management System 代码问题漏洞
SourceCodester Hotel and Lodge Management System is a SourceCodester open source hotel and lodge management system. A code issue vulnerability exists in version 1.0 of the SourceCodester Hotel and Lodge Management System, which stems from an incorrect manipulation of the parameter image in the fi...
EUVD-2025-27101
Malicious code in bioql PyPI...
EUVD-2025-7432
Malicious code in bioql PyPI...
EUVD-2025-29135
Malicious code in bioql PyPI...
EUVD-2025-26224
Malicious code in bioql PyPI...
EUVD-2025-27194
Malicious code in bioql PyPI...
CVE-2025-10663
A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injection. The attack may be initiated remotely. The exploit has been made public and could be used...
CVE-2025-10663
CVE-2025-10663 affects PHPGurukul Online Course Registration 3.1, specifically the /my-profile.php cgpa parameter. The root cause is input manipulation that enables SQL injection, with a remote attack surface and a publicly disclosed exploit. Multiple sources confirm the vulnerability and its exp...
PT-2025-38310
Name of the Vulnerable Software and Affected Versions PHPGurukul Online Course Registration version 3.1 Description A SQL injection issue exists in PHPGurukul Online Course Registration version 3.1. The issue is located in the /my-profile.php file. Manipulation of the cgpa argument can trigger th...
Small CRM /profile.php File SQL Injection Vulnerability
Small CRM is a customer relationship management system. Small CRM suffers from an SQL injection vulnerability that stems from the /profile.php file not having a secure filter for the Name parameter. No details of the vulnerability are available at this time...
CVE-2025-10114 PHPGurukul Small CRM profile.php sql injection
A vulnerability was found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2025-10114
CVE-2025-10114 describes a SQL injection vulnerability in PHPGurukul Small CRM 4.0’s file /profile.php where the Name parameter can be manipulated to execute arbitrary SQL. The connected documents confirm remote exploitation and that the exploit has been publicly disclosed, affecting the web appl...
CVE-2025-10083 SourceCodester Pet Grooming Management Software profile.php unrestricted upload
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/profile.php. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been publicl...
CVE-2025-10081
CVE-2025-10081 affects SourceCodester Pet Management System v1.0. The flaw is in /admin/profile.php, where manipulating the website_image argument enables unrestricted file upload, with remote exploitation possible. The vulnerability is corroborated by multiple sources; an exploit has been publis...
CVE-2025-10076 SourceCodester Online Polling System manage-profile.php sql injection
A weakness has been identified in SourceCodester Online Polling System 1.0. This affects an unknown function of the file /manage-profile.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and...