41 matches found
TRUfusion Enterprise <= 7.10.4.0 - Admin Contact Portal
TRUfusion Enterprise versions 7.10.4.0 and earlier contained a vulnerability that allowed unauthenticated access to the Internal Admin Contact Page, resulting in the disclosure of PII including partner and contact names. id: CVE-2025-27225 info: name: TRUfusion Enterprise = 7.10.4.0 - Admin Conta...
CVE-2025-65134
In manikandan580 School-management-system 1.0, a reflected cross-site scripting XSS vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter...
school-management-system 安全漏洞
School-Management-System is a school management system developed by Shubham Kumar, an individual developer. This system is designed for schools or small institutions. Version 1.0 of School-Management-System contains a security vulnerability. This vulnerability stems from improper handling of the...
CVE-2025-65136
In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter...
PT-2026-32660
CVE-2025-65136 In manikandan580 School-management-system 1.0, a reflected XSS vulnerability exists in /studentms/admin/contact-us.php via the pagedes POST parameter. https://t.co/Nv3V9nifh4...
CVE-2025-12224
A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...
CVE-2025-12224
A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...
EUVD-2025-36075
A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...
CVE-2025-12224
The CVE concerns Iqbolshoh php-business-website (up to version 10677743a8dfc281f85291a27cf63a0bce043c24). The vulnerability is in admin/contact.php where manipulation of the twitter parameter enables cross-site scripting. The attack can be initiated remotely, and exploits have been published. Pro...
PT-2025-43878
Name of the Vulnerable Software and Affected Versions Iqbolshoh php-business-website versions prior to 10677743a8dfc281f85291a27cf63a0bce043c24 Description A cross-site scripting issue exists in Iqbolshoh php-business-website. The issue is located in the admin/contact.php file, where manipulation...
PHP Business Website 代码注入漏洞
PHP Business Website is a PHP business website by the individual developer Iqbolshoh Ilhomjonov. PHP Business Website suffers from a code injection vulnerability that stems from the incorrect manipulation of the parameter twitter in the file admin/contact.php, which could lead to a cross-site...
EUVD-2025-26650
Malicious code in bioql PyPI...
EUVD-2025-26371
Malicious code in bioql PyPI...
EUVD-2022-40867
Malicious code in bioql PyPI...
PT-2025-40350
Name of the Vulnerable Software and Affected Versions TRUfusion Enterprise versions through 7.10.4.0 Description TRUfusion Enterprise through version 7.10.4.0 has an endpoint, /trufusionPortal/jsp/internal admin contact login.jsp, accessible to unauthenticated users. This allows attackers to acce...
CVE-2025-9930
A security vulnerability has been detected in 1000projects Beauty Parlour Management System 1.0. This impacts an unknown function of the file /admin/contact-us.php. The manipulation of the argument mobnumber leads to sql injection. The attack can be initiated remotely. The exploit has been...
Beauty Parlour Management System contact-us.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of an externally-entered SQL statement in...
1000 Projects Beauty Parlour Management System SQL注入漏洞
1000 Projects Beauty Parlour Management System is an open source beauty parlor management system from 1000 Projects. A SQL injection vulnerability exists in 1000 Projects Beauty Parlour Management System version 1.0, which originates from improper manipulation of the parameter mobnumber in the fi...
CVE-2025-9814
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/contact-us.php. The manipulation of the argument mobnumber results in sql injection. It is possible to launch the attack remotely. The exploit has been releas...
CVE-2025-9814 PHPGurukul Beauty Parlour Management System contact-us.php sql injection
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/contact-us.php. The manipulation of the argument mobnumber results in sql injection. It is possible to launch the attack remotely. The exploit has been releas...