EUVD-2023-12388

Malicious code in bioql PyPI...

EUVD-2021-31747

Malicious code in bioql PyPI...

EUVD-2024-47706

Malicious code in bioql PyPI...

EUVD-2022-52651

Malicious code in bioql PyPI...

EUVD-2022-46112

Malicious code in bioql PyPI...

EUVD-2024-35293

Malicious code in bioql PyPI...

EUVD-2022-49276

Malicious code in bioql PyPI...

EUVD-2021-33135

Malicious code in bioql PyPI...

CVE-2025-10616

A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-10616 itsourcecode E-Commerce Website users.php unrestricted upload

A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-10616

The CVE-2025-10616 entry concerns itsourcecode E-Commerce Website 1.0. The vulnerable component is the file /admin/users.php where an unspecified manipulation yields an unrestricted upload. The vulnerability can be exploited remotely and the exploit has been released publicly. Other details in co...

PHPGurukul Login and User Management System 注入漏洞

PHPGurukul Login and User Management System is a login and user management system from PHPGurukul Inc. An injection vulnerability exists in version 3.3 of the PHPGurukul Login and User Management System, which originates from SQL injection due to incorrect manipulation of the parameter ID in the...

Arbitrary Code Injection

Overview bolt/bolt is a sophisticated, lightweight & simple CMS. Affected versions of this package are vulnerable to Arbitrary Code Injection via the function modify in the Users.php file. An attacker with valid credentials can execute arbitrary PHP code by injecting malicious input into the...

CVE-2025-6873

The CVE-2025-6873 entry concerns SourceCodester Simple Company Website 1.0. A vulnerability in the processing of the file /classes/Users.php?f=save allows unrestricted upload by manipulating the img parameter. The issue can be triggered remotely, and public disclosure of the exploit is noted. Con...

CVE-2025-5657

A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-5657 PHPGurukul Complaint Management System manage-users.php sql injection

A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit ha...

CVE-2025-5632 code-projects/anirbandutta9 Content Management System/News-Buzz users.php sql injection

A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument changetoadmin leads to sql injection. T...

CVE-2024-1823

A vulnerability classified as critical was found in CodeAstro Simple Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file users.php of the component Backend. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit h...

CVE-2023-5836

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file classes/Users.php?f=delete. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

CVE-2022-34134

Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...