1035 matches found
CVE-2025-9011
A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-9011
A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-9011
A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-9011 PHPGurukul Online Shopping Portal Project signup.php sql injection
A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-9011
CVE-2025-9011 affects PHPGurukul Online Shopping Portal Project 2.0. The vulnerability is in the file /shopping/signup.php, where manipulation of the emailid parameter enables a SQL injection. This can be exploited remotely, and the exploit has been disclosed publicly. Multiple connected sources ...
PHPGurukul Online Shopping Portal Project 注入漏洞
Online Shopping Portal Project is an online shopping portal project. A SQL injection vulnerability exists in Online Shopping Portal Project, which originates from the lack of validation of externally entered SQL statements in the parameter emailid in the file /shopping/signup.php. An attacker can...
PT-2025-33443 · Unknown · Phpgurukul Online Shopping Portal Project
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal Project version 2.0 Description: A SQL injection issue exists in the file /shopping/signup.php due to the manipulation of the emailid argument. This allows for remote attacks, and the exploit has been publicl...
Malicious code in ft-next-signup (npm)
The package ft-next-signup was found to contain malicious code...
MAL-2025-21019 Malicious code in ft-next-signup (npm)
The package ft-next-signup was found to contain malicious code...
Malicious code in signup-ui-lego-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 63d83acde52ca36693d2c4274687d70b0758d12141ee41ae8a97bb6e9267b983 The OpenSSF Package Analysis project identified 'signup-ui-lego-core'...
MAL-2025-6891 Malicious code in signup-ui-lego-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 63d83acde52ca36693d2c4274687d70b0758d12141ee41ae8a97bb6e9267b983 The OpenSSF Package Analysis project identified 'signup-ui-lego-core'...
BIT-LIBPYTHON-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2020-9322
The /users endpoint in Statamic Core before 2.11.8 allows XSS to add an administrator user. This can be exploited via CSRF. Stored XSS can occur via a JavaScript payload in a username during account registration. Reflected XSS can occur via the /users PATHINFO...
CVE-2025-8442
A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cussignup.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The...
CVE-2025-54573 CVAT vulnerable to email verification bypass by use of basic authentication
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.1.0 through 2.41.0, email verification was not enforced when using Basic HTTP Authentication. As a result, users could create accounts using fake email addresses and use the product as verified...
CVE-2025-8248
A vulnerability classified as critical was found in code-projects Online Ordering System 1.0. This vulnerability affects unknown code of the file /signup.php. The manipulation of the argument firstname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
Code-Projects Online Ordering System 注入漏洞
Code-Projects Online Ordering System is a Code-Projects open source online ordering system. An injection vulnerability exists in code-projects Online Ordering System version 1.0, which originates from a SQL injection due to the incorrect operation of the parameter firstname in the file /signup.ph...
live helper chat 安全漏洞
Live Helper Chat is an open source plugin that supports online chat by an individual developer Live Helper Chat. Provides chat functionality for web platforms. A security vulnerability exists in live helper chat version v4.60, which stems from insufficient validation of the Name parameter input o...
CVE-2025-7814
A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signupfunction.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has be...
Code-Projects Food Ordering Review System 注入漏洞
Code-Projects Food Ordering Review System is a Code-Projects open source food ordering review system. An injection vulnerability exists in Code-Projects Food Ordering Review System version 1.0, which originates from a SQL injection due to misuse of the parameter fname in the file...