1044 matches found
CVE-2026-1118
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/addactivity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...
CVE-2026-1118 itsourcecode Society Management System add_activity.php sql injection
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/addactivity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...
Itsourcecode Society Management System SQL Injection Vulnerability
itsourcecode Society Management System is an open-source social management system developed by itsourcecode. Version 1.0 of the itsourcecode Society Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “Title” in the file...
PT-2026-3386
Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A SQL injection issue exists in itsourcecode Society Management System 1.0. The issue is located in the file /admin/add activity.php. Manipulating the Title argument can lead to SQ...
CVE-2023-43358
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component...
CVE-2023-31800
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...
CVE-2023-40877
DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting XSS vulnerability at /dede/freelistedit.php via the title parameter...
CVE-2022-26624
Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting XSS vulnerability via the Title parameter in /vendor/views/addproduct.php...
PT-2026-1979
Name of the Vulnerable Software and Affected Versions Intern Membership Management System version 1.0 Description A SQL injection issue exists in the Intern Membership Management System. The issue is located in the file /intern/admin/add activity.php. Manipulation of the Title argument can lead t...
CVE-2026-0582
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...
CVE-2026-0582 itsourcecode Society Management System edit_activity_query.php sql injection
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...
EUVD-2026-0900
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...
CVE-2026-0582
The CVE pertains to itsourcecode Society Management System 1.0. A SQL injection vulnerability exists in the file /admin/edit_activity_query.php triggered by manipulating the Title parameter, with exploitation described as remote and publicly available. Affected component/file: /admin/edit_activit...
itsourcecode Society Management System SQL注入漏洞
itsourcecode Society Management System is an itsourcecode open source society management system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Society Management System, which stems from an incorrect manipulation of the parameter Title in the file /admin/editactivityquery.ph...
CVE-2025-15407
A vulnerability has been found in code-projects Online Guitar Store 1.0. This impacts an unknown function of the file /admin/Createcategory.php. Such manipulation of the argument dreCtitle leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public an...
CVE-2025-15408 code-projects Online Guitar Store Create_product.php sql injection
A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Createproduct.php. Performing a manipulation of the argument dretitle results in sql injection. The attack is possible to be carried out remotely. The exploit has been made publi...
CVE-2025-15408
A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Createproduct.php. Performing a manipulation of the argument dretitle results in sql injection. The attack is possible to be carried out remotely. The exploit has been made publi...
PT-2026-1014
Name of the Vulnerable Software and Affected Versions code-projects Online Guitar Store version 1.0 Description A SQL injection issue exists in code-projects Online Guitar Store version 1.0. The issue is located in an unknown function within the /admin/Create product.php file. Manipulating the dr...
WordPress Bold Timeline Lite plugin <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'title' Parameter in 'boldtimelinegroup' Shortcode vulnerability discovered by zaim in WordPress Plugin Bold Timeline Lite versions = 1.2.7...
CVE-2025-54322
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used...