5 matches found
CVE-2022-23380
There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin=2=edit...
CVE-2025-0536
A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/editaction.php. The manipulation of the argument attendanceid leads to sql injection. The attack can be initiated remotely. The...
1000 Projects Attendance Tracking Management System 注入漏洞
1000 Projects Attendance Tracking Management System is an open source attendance management system from 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Attendance Tracking Management System, which originates from the parameter attendanceid in file...
Authentication flaw
xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps...
CVE-2007-4637
CVE-2007-4637 affects xGB.php in xGB 2.0, where an admin edit action does not require authentication. This allows remote attackers to perform unspecified changes via an unknown series of steps. The NVD entry lists a MEDIUM base score (6.4) with network attack vector, low complexity, and no user i...