121 matches found
CVE-2026-48213
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid POST parameter directly into an HTML form input value attribute. Attackers can...
PT-2026-41545
Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents id parameter. Attackers can send GET requests to the event add.php page with malicious myevents id values to extrac...
PT-2026-6761
Name of the Vulnerable Software and Affected Versions OpenSTAManager versions 2.9.8 and earlier Description OpenSTAManager contains a critical Error-Based SQL Injection issue within the Prima Nota Journal Entry module's add.php file. The application does not validate that comma-separated values...
EUVD-2006-2953
Malware in sbrugna...
EUVD-2024-50124
Malicious code in bioql PyPI...
EUVD-2023-52163
Malicious code in bioql PyPI...
EUVD-2024-49266
Malicious code in bioql PyPI...
EUVD-2023-54711
Malicious code in bioql PyPI...
EUVD-2022-30064
Malicious code in bioql PyPI...
PT-2025-39735
Name of the Vulnerable Software and Affected Versions Projectworlds Online Shopping System version 1.0 Description A flaw exists in Projectworlds Online Shopping System that allows for SQL injection. This issue affects an unknown part of the /store/cart add.php file. Manipulation of the ID argume...
PT-2025-39512
Name of the Vulnerable Software and Affected Versions WP-DownloadManager plugin for WordPress versions prior to 1.68.12 Description The WP-DownloadManager plugin for WordPress is susceptible to unrestricted file uploads because of a lack of file type validation within the download-add.php file...
CVE-2024-9799
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument...
CVE-2024-8562
A vulnerability was found in SourceCodester PHP CRUD 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /endpoint/Add.php. The manipulation of the argument firstname/middlename/lastname leads to cross site scripting. The attack may be launched...
CVE-2022-25394
Medical Store Management System v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter under customer-add.php...
CVE-2024-11820
A vulnerability, which was classified as problematic, has been found in code-projects Crud Operation System 1.0. This issue affects some unknown processing of the file /add.php. The manipulation of the argument saddress leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2024-11820 code-projects Crud Operation System add.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Crud Operation System 1.0. This issue affects some unknown processing of the file /add.php. The manipulation of the argument saddress leads to cross site scripting. The attack may be initiated remotely. The...
PT-2024-16783 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.116 Description: A vulnerability has been found in DedeCMS, affecting the file /dede/uploads/dede/friendlink add.php. The manipulation of the logoimg argument leads to unrestricted upload. It is possible to initiate the...
CVE-2024-9799 SourceCodester Profile Registration without Reload Refresh add.php cross site scripting
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument...
CVE-2024-9092
A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...
CVE-2024-9092 SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scripting
A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument fullname leads to cross site...