10 matches found
CVE-2026-4241
The CVE-2026-4241 entry concerns itsourcecode College Management System 1.0. An SQL injection vulnerability affects an unknown function in /admin/time-table.php via manipulation of the course_code argument. Impact is user-controlled input leading to potential disclosure or modification of data; t...
EUVD-2025-27089
Malicious code in bioql PyPI...
CVE-2025-10067
A vulnerability was detected in itsourcecode POS Point of Sale System 1.0. The impacted element is an unknown function of the file /inventory/main/vendors/datatables/unittesting/templates/emptytable.php. Performing manipulation of the argument scripts results in cross site scripting. It is possib...
PT-2025-36402
Name of the Vulnerable Software and Affected Versions: itsourcecode POS Point of Sale System version 1.0 Description: A vulnerability exists in itsourcecode POS Point of Sale System that allows for cross site scripting. The vulnerability affects unknown code within the file...
Code-Projects Restaurant Order System 注入漏洞
Code-Projects Restaurant Order System is an open source restaurant order system from Code-Projects. An injection vulnerability exists in code-projects Restaurant Order System version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter ID in the file /table.php...
CVE-2024-5194
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoctable.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the edit method in controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue...
Arris VAP2500 命令注入漏洞
The Arris VAP2500 is a wireless video access point device from Arris USA. A command injection vulnerability exists in the Arris VAP2500 version 08.50, which stems from the fact that manipulation of the parameter id in the file /assoctable.php can lead to command injection...
CVE-2024-0466
A vulnerability, which was classified as critical, has been found in code-projects Employee Profile Management System 1.0. This issue affects some unknown processing of the file filetable.php. The manipulation of the argument perid leads to sql injection. The exploit has been disclosed to the...
CVE-2021-40261
Multiple Cross Site Scripting XSS vulnerabilities exist in SourceCodester CASAP Automated Enrollment System 1.0 via the 1 userusername and 2 category parameters in saveclass.php, the 3 firstname, 4 class, and 5 status parameters in studenttable.php, the 6 category and 7 classname parameters in...