177 matches found
PT-2024-24711 · Unknown · Sourcecodester Internship Portal Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Internship Portal Management System version 1.0 Description: A critical issue has been discovered, affecting the file admin/delete activity.php. The manipulation of the activity id argument leads to SQL injection. This issue ca...
Internship Portal Management System SQL注入漏洞
Internship Portal Management System is an internship portal management system by the individual developer ChatikoboL. A SQL injection vulnerability exists in Internship Portal Management System version 1.0, which is caused by a SQL injection vulnerability in the activityid parameter of the...
PT-2023-30873 · Unknown · Concrete Cms
Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9.0.0 through 9.2.2 Description: The issue allows an attacker to force an admin user to delete server report logs on a web application to which they are currently authenticated via the API endpoint...
GHSA-765F-3MGX-24PW Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/delete
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...
JFinalCMS Security Vulnerability
JFinalCMS is a content management system by heyewei individual developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/div/delete component...
CVE-2023-27052
E-Commerce System v1.0 ws discovered to contain a SQL injection vulnerability via the id parameter at /admin/deleteuser.php...
Moosikay E-Commerce System SQL注入漏洞
Moosikay E-Commerce System is an e-commerce system by the individual developer Arvin Arandilla. A security vulnerability exists in Moosikay E-Commerce System v1.0, which was discovered to contain an SQL injection vulnerability via the id parameter in /admin/deleteuser.php...
PT-2023-20917 · Unknown · E-Commerce System
Name of the Vulnerable Software and Affected Versions: E-Commerce System version 1.0 Description: A SQL injection issue was found in the E-Commerce System. The vulnerability can be exploited via the id parameter at the "/admin/delete user.php" API endpoint. Recommendations: For E-Commerce System...
Dynamic Transaction Queuing System SQL注入漏洞
Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=deletewindow component...
Dynamic Transaction Queuing System SQL注入漏洞
Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=deleteuser component th...
Dynamic Transaction Queuing System SQL注入漏洞
Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, an individual developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=deleteuploads component...
CVE-2022-36735
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php...
CVE-2022-36735
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php...
Sql injection
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php...
Library Management System SQL注入漏洞
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the MI...
Library Management System SQL注入漏洞
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in Library Management System v1.0, which was discovered to contain an SQL injection vulnerability via the...
CVE-2022-30804
elitecms v1.01 is vulnerable to Delete any file via /admin/deleteimage.php?file=...
PT-2022-20323 · Elitecms · Elitecms
Name of the Vulnerable Software and Affected Versions: elitecms version 1.01 Description: The issue allows deletion of any file via the "/admin/delete image.php?file=" API endpoint. The estimated number of potentially affected devices worldwide is not specified. There is no information about...
CVE-2022-29681
CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del...
CVE-2022-29670
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/del...