9 matches found
CVE-2019-25713
MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...
Linanto Control Web Panel (CWP) < 0.9.8.1205 Command Injection (CVE-2025-48703)
The version of Linanto Control Web Panel CWP, a web based control panel application, installed on the remote host is prior to 0.9.8.1205. It is, therefore, affected by a remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. Note that Nessus ha...
CVE-2025-48703
CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...
CVE-2024-11995
A vulnerability has been found in code-projects Farmacia 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /pagamento.php. The manipulation of the argument total leads to cross site scripting. The attack can be launched remotely. The exploit...
PT-2024-17389 · Code Projects · Code-Projects Farmacia
Name of the Vulnerable Software and Affected Versions: code-projects Farmacia version 1.0 Description: A problem has been found in the file /pagamento.php, affecting an unknown functionality. The manipulation of the total argument leads to cross-site scripting attacks, which can be launched...
Code-Projects Farmacia Code Injection Vulnerability
Code-Projects Farmacia is an open-source content management system from Code-Projects. A code injection vulnerability exists in Code-Projects Farmacia version 1.0; it stems from the total parameter in the file /pagamento.php and can lead to cross-site scripting attacks...
PT-2024-39095 · Unknown · Sourcecodester Food Ordering Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Food Ordering Management System version 1.0 Description: A problematic vulnerability was found in the SourceCodester Food Ordering Management System. This issue affects the Price Handler component, specifically the file...
PT-2023-29425 · Unknown · Online Examination System
Name of the Vulnerable Software and Affected Versions: Online Examination System version 1.0 Description: The issue concerns an Authenticated SQL Injection vulnerability. Specifically, the total parameter of the "update.php" resource does not validate the characters received, and they are sent...
UBUNTU-CVE-2022-22293
admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstrated by the MAINMAXDECIMALSTOT parameter...