PT-2025-49516
Name of the Vulnerable Software and Affected Versions: Simple Leave Manager version 1.0 Description: A flaw exists in an unspecified functionality of the /request.php file that allows for SQL injection. Manipulating the staff id argument can trigger this issue, and the attack can be initiated...
Code-Projects Simple Leave Manager SQL Injection Vulnerability
Code-Projects Simple Leave Manager is an open source leave management system from Code-Projects. A SQL injection vulnerability exists in Code-Projects Simple Leave Manager version 1.0, which stems from incorrect manipulation of the parameter staffid in the file /request.php, which could lead to a...
Qualitor Code Injection Vulnerability
Qualitor is a managed service process and centralized service platform from Qualitor, Inc. A code injection vulnerability exists in Qualitor versions 8.20 and 8.24, which stems from the incorrect manipulation of the parameter passageiros in the file /html/st/stdeslocamento/request/getResumo.php,...
EUVD-2018-2968
Malware in sbrugna...
CVE-2024-10605
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /file/request.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2023-0527
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file search-request.php. The manipulation of the argument searchdata with the input " leads to cross site scripting. The atta...
CVE-2022-3975
A vulnerability, which was classified as problematic, has been found in NukeViet CMS. Affected by this issue is the function filterAttr of the file vendor/vinades/nukeviet/Core/Request.php of the component Data URL Handler. The manipulation of the argument attrSubSet leads to cross site scripting...
CVE-2025-2658
A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown functionality of the file /search-request.php. The manipulation of the argument searchdata leads to sql injection. The attack may be...
CVE-2025-1582 PHPGurukul Online Nurse Hiring System all-request.php sql injection
A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/all-request.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The...
Code-Projects Blood Bank Management System Cross-Site Request Forgery Vulnerability
Code-Projects Blood Bank Management System is a Code-Projects open source blood bank management system. A cross-site request forgery vulnerability exists in Code-Projects Blood Bank Management System version 1.0, which originates from a cross-site request forgery vulnerability contained in the fi...
PT-2024-10604 · Unknown · Lunad3V Areaload
Name of the Vulnerable Software and Affected Versions: LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec Description: A critical issue affects the processing of the file request.php, where the manipulation of the phone argument leads to sql injection. The estimated number of...
AreaLoad SQL Injection Vulnerability
AreaLoad is an open source job upload platform written in PHP by Lizihu Utopia LUNA Association. AreaLoad suffers from an SQL injection vulnerability that stems from the parameter phone in the file request.php that can lead to SQL injection...
PT-2024-25753 · Sourcecodester · Sourcecodester Human Resource Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: The issue allows attackers to approve or reject leave tickets due to an insecure permission vulnerability in the /hrm/leaverequest.php file. Recommendations: For version...
Gleez Cms Security Vulnerability
Gleez CMS is a user-friendly web content management system from Gleez Open Source. A security vulnerability exists in Gleez Cms version 1.2.0. A remote attacker can exploit this vulnerability to execute arbitrary code and obtain sensitive information via module/gleez/classes/request.php...
U.S. Department of State: Time Based SQL Injection
A Time-Based SQL Injection vulnerability was identified on a website that uses WordPress CMS. The vulnerability was found in the search function of the website, where a gap was observed in the search results. The vulnerability allowed an attacker to inject malicious code and potentially access th...
SUSE CVE-2007-3947
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault...
PT-2023-16333 · Unknown · Phpgurukul Online Security Guards Hiring System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Security Guards Hiring System version 1.0 Description: A vulnerability was found in the PHPGurukul Online Security Guards Hiring System, affecting some unknown functionality of the file search-request.php. The manipulation o...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function. PoC: curl --path-as-is "http://localhost:3000/../package.json" Details: A Directory Traversal attack also known as path...
Vinades NukeViet Security Vulnerability
Vinades NukeViet is an open source Content Management System (CMS) from Vinades Vietnam. A security vulnerability exists in Vinades NukeViet CMS, which originates from an affected filterAttr function in the vendor/vinades/nukeviet/Core/Request.php file of the Data URL Handler component, where...