CVE-2026-7092 code-projects Invoice System in Laravel Profile profile improper authorization

A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argument ID leads to improper authorization. The attack can be executed remotely. The exploit has been...

EUVD-2019-20111

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the mngprofileid parameter. Attackers can send crafted requests with malicious SQL payloads in the mngprofileid parameter to extract sensitive database...

CVE-2026-21507

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have an infinite loop in the IccProfile.cpp function, CalcProfileID. This issue is fixed in version 2.3.1.1...

EUVD-2025-201274

UNA CMS versions 9.0.0-RC1 - 14.0.0-RC4 contain a PHP object injection vulnerability in BxBaseMenuSetAclLevel.php where the profileid POST parameter is passed to PHP unserialize without proper handling, allowing remote, unauthenticated attackers to inject arbitrary PHP objects and potentially wri...

CVE-2025-10614

A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /printreportsprev.php. Executing manipulation of the argument profileid can lead to cross site scripting. It is possible to launch the...

CVE-2025-10670 itsourcecode E-Logbook with Health Monitoring System for COVID-19 check_profile.php sql injection

A flaw has been found in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /checkprofile.php. Executing manipulation of the argument profileid can lead to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-10670 itsourcecode E-Logbook with Health Monitoring System for COVID-19 check_profile.php sql injection

A flaw has been found in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /checkprofile.php. Executing manipulation of the argument profileid can lead to sql injection. It is possible to launch the attack remotely. The...

CVE-2025-10614

A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /printreportsprev.php. Executing manipulation of the argument profileid can lead to cross site scripting. It is possible to launch the...

CVE-2025-10411 itsourcecode E-Logbook with Health Monitoring System for COVID-19 POST Request check_profile.php cross site scripting

A vulnerability was detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /stc-log-keeper/checkprofile.php of the component POST Request Handler. The manipulation of the argument profileid results in cross site...

PT-2025-37431

Name of the Vulnerable Software and Affected Versions: itsourcecode E-Logbook version 1.0 Description: A cross-site scripting issue exists due to the manipulation of the profile id argument in the POST Request Handler component. The vulnerability affects the processing of the file...

Linux Distros Unpatched Vulnerability : CVE-2020-1696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service TPS where it did not properly sanitize Profile IDs, enabling a Stored...

DTP tNexus Airport View 安全漏洞

DTP tNexus Airport View is an application from DTP that helps airport users track and monitor operational information. It is used to track operational updates to enhance airport operations and passenger experience. A security vulnerability exists in DTP tNexus Airport View version 2.8, which stem...

D-Link DAP-2622 安全漏洞

D-Link DAP-2622 is a wireless access point AP from AUO D-Link that supports POE power supply and is mainly used for wireless network coverage in enterprise or commercial scenarios. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability that stems from a...

SourceCodester Game Result Matrix System SQL注入漏洞

Game Result Matrix System is a game system by the individual developer imarkpatric. A SQL injection vulnerability exists in SourceCodester Game Result Matrix System version 1.0, which stems from a problem in the file /dipam/athlete-profile.php, where manipulation of the parameter id can lead to s...

SUSE CVE-2011-4349

Multiple SQL injection vulnerabilities in 1 cd-mapping-db.c and 2 cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and a device id, b property, or c profile id...

CVE-2017-17648

Entrepreneur Dating Script 2.0.1 has SQL Injection via the searchresult.php marital, gender, country, or profileid parameter...