PT-2025-5882 · Codeastro · Codeastro Complaint Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Complaint Management System version 1.0 Description: The issue concerns incorrect access control in the endpoint "/admin/m delete.php" that allows unauthorized attackers to delete complaints arbitrarily by modifying the id parameter...

PT-2024-36449 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: kashipara E-learning Management System version 1.0 Description: A SQL Injection issue was found in the /admin/delete event.php endpoint, allowing remote attackers to execute arbitrary SQL commands and gain unauthorized database access via the...

07FLYCMS 安全漏洞

07FLYCMS is a free and open source content management system CMS of China Zero Takeoff 07FLY company, which can be used independently to meet the needs of various types of enterprise website development and construction! A security vulnerability exists in 07FLYCMS version V1.3.9, which originated...

GHSA-765F-3MGX-24PW Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/delete

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the MI...

CVE-2022-29670

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del...

Maccms 跨站请求伪造漏洞

Maccms is a PHP-based film and television content management system CMS. Maccms version 10 has a security vulnerability that can be exploited by an authenticated attacker to delete all users via "admin.php/admin/admin/del/ids/＜id＞.html"...