PT-2025-49022

Name of the Vulnerable Software and Affected Versions XunRuiCMS versions up to 4.7.1 Description A security flaw exists in XunRuiCMS, specifically within the Email Setting Handler component. The issue involves server-side request forgery, potentially allowing remote exploitation. The flaw is...

PT-2025-47575

A security vulnerability has been detected in Public Knowledge Project omp and ojs 3.3.0/3.4.0/3.5.0. Impacted is an unknown function of the file plugins/paymethod/manual/templates/paymentForm.tpl of the component Payment Instructions Setting Handler. The manipulation of the argument...

EUVD-2025-17447

Malicious code in bioql PyPI...

EUVD-2025-10879

Malicious code in bioql PyPI...

EUVD-2025-5513

Malicious code in bioql PyPI...

EUVD-2025-2112

Malicious code in bioql PyPI...

EUVD-2024-51346

Malicious code in bioql PyPI...

EUVD-2024-50525

Malicious code in bioql PyPI...

EUVD-2025-26357

Malicious code in bioql PyPI...

EUVD-2022-42913

Malicious code in bioql PyPI...

EUVD-2023-3148

Malicious code in bioql PyPI...

EUVD-2024-47922

Malicious code in bioql PyPI...

CVE-2025-9793

A vulnerability was detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /setting/admin.php of the component Setting Handler. Performing manipulation of the argument ddlBranch results in sql injection. The attack is possible to be carried out...

itsourcecode Apartment Management System 安全漏洞

Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in ddlBranch, a parameter of the Setting Handler component in file...

CVE-2025-7933

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/settingsupdate.php of the component Setting Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated...

CVE-2025-5872 eGauge EG3000 Energy Monitor Setting missing authentication

A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed t...

CVE-2025-5661

A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. It is...

PT-2025-23932

Name of the Vulnerable Software and Affected Versions code-projects Traffic Offense Reporting System version 1.0 Description A problematic issue was found in the code-projects Traffic Offense Reporting System, affecting the /save-settings.php file of the Setting Handler component. The manipulatio...

CVE-2024-12001

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to...

CVE-2024-3142

A vulnerability was found in Clavister E10 and E80 up to 14.00.10 and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed ...