608 matches found
CVE-2025-15390
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
CVE-2025-15390 PHPGurukul Small CRM edit-user.php authorization
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
EUVD-2025-206030
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited...
PT-2025-54354
Name of the Vulnerable Software and Affected Versions: PHPGurukul Small CRM version 4.0. Description: A security flaw exists in PHPGurukul Small CRM 4.0, impacting an unknown function within the /admin/edit-user.php file. This allows for missing authorization, enabling remote attacks. The exploit fo...
PHPGurukul Small CRM Security Vulnerability
PHPGurukul Small CRM is a customer relationship management system from PHPGurukul. A security vulnerability exists in PHPGurukul Small CRM version 4.0. It stems from missing authorization in the file /admin/edit-user.php, which could lead to a remote attack...
CVE-2025-15262 BiggiDroid Simple PHP CMS Site Logo edit.php unrestricted upload
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
BiggiDroid Simple PHP CMS Code Issue Vulnerability
BiggiDroid Simple PHP CMS is an open-source content management system from BiggiDroid. A code issue vulnerability exists in BiggiDroid Simple PHP CMS version 1.0. It stems from incorrect handling of the parameter image in the file /admin/edit.php, which can lead to unrestricted uploads...
PT-2025-54208
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-66947
SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...
CVE-2025-61078
CVE-2025-61078 affects phpIPAM v1.7.3. The vulnerability is a cross-site scripting (XSS) flaw in the Request IP form, exploitable via the instructions parameter sent to /app/admin/instructions/edit-result.php. Impact is potential HTML/script injection leading to user-compromise of the affected we...
Cross-site Scripting (XSS)
Overview: getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the admin/edit endpoint. An attacker can execute arbitrary scripts in the context of the admin interface by...
EUVD-2025-197617
A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/editaccount.php. Performing manipulation of the argument adminid results in sql injection. The attack is possible to be carried out remotely. The...
CVE-2025-13170
CVE-2025-13170 concerns the Simple Online Hotel Reservation System 1.0. The vulnerability is an SQL injection in the admin/account editing flow, triggered by manipulating the parameter admin_id in /admin/edit_account.php. Multiple connected sources confirm remote exploitation possibilities and th...
PT-2025-46972
Name of the Vulnerable Software and Affected Versions: Simple Online Hotel Reservation System version 1.0. Description: A flaw exists in the processing of the /admin/edit account.php file within the software. Manipulation of the admin id argument can lead to SQL injection. This issue is potentially...
Simple Online Hotel Reservation System Code Issue Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. It has a code issue vulnerability that stems from a lack of effective validation of uploaded files by the Photo Handler component in the file /admin/editroom.php. An attacker can use th...
CVE-2025-12593
A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...
EUVD-2025-37439
A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/editroom.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely...