61 matches found
Mantis Bug Tracker 跨站脚本漏洞
Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions 2.11.0 to 2.28.1 of Mantis Bug Tracker contain a cross-site scripting vulnerability. This vulnerability stems from allowing any authenticated user to inject arbitrary HTML through the update accoun...
CVE-2017-12584
There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an entire user profile including the password can be updated without sending the current password. This allows remote attackers to trick a user into changing to an attacker-controlled password, a complete account takeover, via the...
CVE-2025-14578
A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...
EUVD-2025-203119
A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...
CVE-2025-14578
A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...
CVE-2025-14578
A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /updateaccount.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available ...
itsourcecode Student Management System SQL注入漏洞
itsourcecode Student Management System is an open source student management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from incorrect manipulation of the parameter ID in the file /updateaccount.php, which...
PT-2025-50976
Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A flaw exists in itsourcecode Student Management System 1.0. The issue involves the manipulation of the ID argument within an unknown function of the /update account.php file,...
CVE-2025-14089
A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function updateaccount of the file /api/admin/updateaccount/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is public...
CVE-2025-14089
A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function updateaccount of the file /api/admin/updateaccount/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is public...
EUVD-2025-201426
A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function updateaccount of the file /api/admin/updateaccount/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is public...
CVE-2025-14089 Himool ERP AdminActionViewSet update_account improper authorization
A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function updateaccount of the file /api/admin/updateaccount/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is public...
CVE-2025-14089 Himool ERP AdminActionViewSet update_account improper authorization
A vulnerability was identified in Himool ERP up to 2.2. Affected by this issue is the function updateaccount of the file /api/admin/updateaccount/ of the component AdminActionViewSet. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is public...
Software-Exploitation-Final-Project
ATM Challenge - Buffer Overflow Exploit Author: Olalekan...
EUVD-2021-15701
Malware in sbrugna...
EUVD-2021-33479
Malicious code in bioql PyPI...
EUVD-2025-29143
Malicious code in bioql PyPI...
CVE-2025-10421
A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /updateaccount.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-10421
A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /updateaccount.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-10421
The CVE-2025-10421 entry concerns SourceCodester Student Grading System 1.0. Affected component: the file /update_account.php. Root cause: manipulation of the ID parameter enables SQL injection, with remote exploitation possible and an exploit published. Impact is consistent with the vulnerabilit...