CVE-2026-0617
The CVE concerns the LatePoint – Calendar Booking Plugin for Appointments and Events (WordPress). A stored XSS vulnerability exists in customer profile fields across all versions up to 5.2.5 due to insufficient input sanitization and output escaping, enabling unauthenticated attackers to inject s...
PT-2026-6012
Name of the Vulnerable Software and Affected Versions: LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.2.6 Description: The LatePoint – Calendar Booking Plugin for Appointments and Events for WordPress is susceptible to Stored Cross-Site Scripting. This is due to...
EUVD-2022-39421
Malicious code in bioql PyPI...
CVE-2025-7600
A vulnerability, which was classified as critical, was found in PHPGurukul Online Library Management System 3.0. This affects an unknown part of the file /admin/student-history.php. The manipulation of the argument stdid leads to SQL injection. It is possible to initiate the attack remotely. The...
Malicious code in @kp-admin/history (npm)
Source: ossf-package-analysis 9291332b4f8b2a62e28230207b0b18e9e9f5e162e170870f684b14a27ea74f34 The OpenSSF Package Analysis project identified '@kp-admin/history' @ 20.0.0 npm as malicious. It is considered malicious because: - The package...
Piwigo SQL injection vulnerability
Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in Piwigo version v.13.5.0 and earlier versions. An attacker can exploit this vulnerability to execute...
CVE-2022-36719
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the ok parameter at /admin/history.php...
CVE-2022-36719
The CVE-2022-36719 entry concerns Library Management System v1.0 with a SQL injection in the ok parameter of /admin/history.php. The user-facing impact is high (CVE metrics show CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and the vulnerability could allow remote exploitation without user inter...
Library Management System SQL injection vulnerability
Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in the v1.0 version of Library Management System due to an SQL injection issue in the ok parameter of the...
PT-2022-23580 · Unknown · Library Management System
Name of the Vulnerable Software and Affected Versions: Library Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the ok parameter at the "/admin/history.php" API endpoint. Recommendations: For Library Manageme...
PYSEC-2013-16
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information...
Django: Data leakage via admin history log
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information...