
23 matches found

RedhatCVE
added 2025/12/30 2:3 a.m. · 1 view

CVE-2025-15166

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

CVSS 9.8 · AI score 6.9 · EPSS 0.00021
Exploits 1 · References 1
NVD
added 2025/12/29 2:15 a.m. · 2 views

CVE-2025-15166

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

CVSS 9.8 · EPSS 0.00021
Exploits 1 · References 5
EUVD
added 2025/12/29 1:32 a.m. · 1 view

EUVD-2025-205539

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be...

CVSS 7.5 · AI score 6.5 · EPSS 0.00021
Exploits 1 · References 6
EUVD
added 2025/12/29 1:2 a.m. · 2 views

EUVD-2025-205540

A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustomer.php?action=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

CVSS 7.5 · AI score 6.6 · EPSS 0.00021
Exploits 1 · References 6
CNNVD
added 2025/12/29 12:0 a.m. · 2 views

itsourcecode Online Cake Ordering System SQL injection vulnerability

itsourcecode Online Cake Ordering System is an online cake ordering system of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which stems from incorrect manipulation of the parameter ID in the file...

CVSS 9.8 · AI score 7.8 · EPSS 0.00021
Exploits 1 · References 5
CNNVD
added 2025/12/29 12:0 a.m. · 2 views

itsourcecode Online Cake Ordering System SQL injection vulnerability

itsourcecode Online Cake Ordering System is an online cake ordering system of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which stems from incorrect manipulation of the parameter ID in the file...

CVSS 9.8 · AI score 7.8 · EPSS 0.00021
Exploits 1 · References 5
RedhatCVE
added 2025/12/15 9:34 a.m. · 1 view

CVE-2025-14652

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

CVSS 9.8 · AI score 7 · EPSS 0.00028
Exploits 1 · References 1
CVE
added 2025/12/14 9:2 a.m. · 7 views

CVE-2025-14652

CVE-2025-14652 affects itsourcecode Online Cake Ordering System 1.0. A SQL injection vulnerability exists in the /admindetail.php?action=edit endpoint via manipulation of the ID parameter. Exploitation is remote and the exploit has been publicly disclosed. Impact per sources includes confidential...

CVSS 9.8 · AI score 6.8 · EPSS 0.00028
Exploits 1 · References 5 · Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2021-31661

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 6.3 · EPSS 0.00389
Exploits 0 · References 5
Vulnrichment
added 2025/09/15 9:32 a.m. · 3 views

CVE-2025-10436 Campcodes Computer Sales and Inventory System sup_searchfrm.php sql injection

A weakness has been identified in Campcodes Computer Sales and Inventory System 1.0. The impacted element is an unknown function of the file /pages/supsearchfrm.php?action=edit. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit...

CVSS 7.5 · AI score 7.3 · EPSS 0.00061
Exploits 1 · References 5
OSV
added 2024/10/22 5:15 p.m. · 2 views

CVE-2024-48706

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively...

CVSS 5.4 · AI score 5.8 · EPSS 0.00219
Exploits 1 · References 1
Positive Technologies
added 2024/01/13 12:0 a.m. · 1 view

PT-2024-15606 · Code Projects · Code-Projects Fighting Cock Information System

Name of the Vulnerable Software and Affected Versions: code-projects Fighting Cock Information System version 1.0 Description: A critical issue has been identified, affecting the /admin/action/edit chicken.php file. The manipulation of the ref argument leads to SQL injection. This issue can be...

CVSS 9.8 · AI score 7 · EPSS 0.00052
Exploits 0 · References 5
NVD
added 2023/06/14 2:15 p.m. · 11 views

CVE-2023-34750

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit...

CVSS 9.8 · AI score 9.8 · EPSS 0.00463
Exploits 1 · References 1
NVD
added 2023/03/22 2:15 p.m. · 16 views

CVE-2023-1569

A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument UNAME with the input alert'1' leads to cross site scripting...

CVSS 5.4 · AI score 4.2 · EPSS 0.00195
Exploits 1 · References 2
Cvelist
added 2023/03/22 2:0 p.m. · 17 views

CVE-2023-1569 SourceCodester E-Commerce System cross site scripting

A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument UNAME with the input alert'1' leads to cross site scripting...

CVSS 4 · AI score 5.5 · EPSS 0.00195
Exploits 1 · References 2
Cvelist
added 2021/01/29 5:27 a.m. · 13 views

CVE-2021-3298

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter...

AI score 5.4 · EPSS 0.00218
Exploits 2 · References 2
NVD
added 2019/10/16 6:15 p.m. · 5 views

CVE-2019-17577

An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the admin/mails.php?action=edit URI via the "Email used for error returns emails fields 'Errors-To' in emails sent" field...

CVSS 5.4 · AI score 5.2 · EPSS 0.00313
Exploits 1 · References 1
Prion
added 2019/10/16 6:15 p.m. · 9 views

Design/Logic Flaw

An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoing email setup" feature in the /admin/mails.php?action=edit URI via the "Send all emails to instead of real recipients, for test purposes" field...

CVSS 3.5 · AI score 5.1 · EPSS 0.00313
Exploits 1 · References 1 · Affected Software 1
CNVD
added 2018/12/07 12:0 a.m. · 2 views

Sales & Company Management System Cross-Site Request Forgery Vulnerability

Sales & Company Management System (SCMS) is a sales and company management system. The system includes features such as customer management, product management and tax management. A cross-site request forgery vulnerability exists in the member/memberemail.php?action=edit URI in SCMS 2018-06-06 and...

CVSS 8.8 · AI score 6.9 · EPSS 0.00141
Exploits 1 · References 1
ATTACKERKB
added 2018/11/26 7:29 a.m. · 1 view

CVE-2018-19547

JTBCPHP 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter...

CVSS 6.1 · AI score 5.3 · EPSS 0.0024
Exploits 1 · References 3