CVE-2025-6593

A flaw was found in MediaWiki. A remote attacker, by enticing a user to interact with malicious content, could potentially exploit a vulnerability in the includes/user/User.Php file. This could lead to the disclosure of limited sensitive information. Mitigation Mitigation for this issue is either...

Campcodes Grocery Sales and Inventory System SQL注入漏洞

CampCodes Grocery Sales and Inventory System is a grocery sales and inventory system from CampCodes Philippines. A SQL injection vulnerability exists in Campcodes Grocery Sales and Inventory System version 1.0, which stems from incorrect manipulation of the parameter ID in the file /manageuser.ph...

CVE-2020-20640

Cross Site Scripting XSS vulnerability in ECShop 4.0 due to security filtering issues, in the user.php file, we can use the html entity encoding to bypass the security policy of the safety.php file, triggering the xss vulnerability...

CVE-2020-25004

Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ID parameter which may allow a remote attacker to execute arbitrary code...

TerraMaster FS-210 Elevation of Privilege Vulnerability

TerraMaster FS-210 is a NAS Network Attached Storage device from TerraMaster, a Shenzhen, China based company. An elevation of privilege vulnerability exists in TerraMaster FS-210 version 4.0.19, which can be exploited to elevate privileges with the help of the 1.user.php file...