10 matches found
EUVD-2025-31384
Malicious code in bioql PyPI...
E-Commerce Website admin_account_update.php file SQL injection vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /pages/adminaccountupdate.php. An attacker can exploit this vulnerabili...
CVE-2025-11036
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11036
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11036
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11036 code-projects E-Commerce Website admin_account_update.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11036 code-projects E-Commerce Website admin_account_update.php sql injection
A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/adminaccountupdate.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be...
CVE-2025-11036
CVE-2025-11036 affects code-projects E-Commerce Website 1.0. The vulnerability is in the file /pages/admin_account_update.php where manipulation of the argument user_id enables SQL injection. Exploitation can be performed remotely and public PoCs exist. Root cause is lack of input validation for ...
Code-Projects E-Commerce Website SQL注入漏洞
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /pages/adminaccountupdate.php. An attacker can exploit this vulnerabili...
Ipswitch WhatsUp Gold Default Admin Account
This WhatsUp Gold server still has the default password for the admin user account. An attacker can use this account to probe other systems on the network and obtain sensitive information about the monitored systems. %NASLMINLEVEL 70300 Copyright 2001 by H D Moore See the Nessus Scripts License f...