CVE-2026-41233 Froxlor has a Reseller Domain Quota Bypass via Unvalidated adminid Parameter in Domains.add()

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

CVE-2026-2227

A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

D-Link DCS-933L 命令注入漏洞

The D-Link DCS-933L is a wireless camera from the D-Link company. Versions of D-Link DCS-933L prior to 1.14.11 have a command injection vulnerability. This vulnerability stems from incorrect operations on the AdminID parameter in the setSystemAdmin file of the alphapd component, which can lead to...

PT-2026-6922

Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A flaw exists in itsourcecode Society Management System that allows for SQL injection. This issue is located in the /admin/edit admin.php file, where manipulation of the admin id...

CVE-2026-0697

A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted element is an unknown function of the file /intern/admin/editadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been published...

CVE-2026-0698

A vulnerability has been found in code-projects Intern Membership Management System 1.0. This affects an unknown function of the file /intern/admin/editstudents.php. Such manipulation of the argument adminid leads to sql injection. The attack may be launched remotely. The exploit has been disclos...

CVE-2026-0698

CVE-2026-0698 affects code-projects Intern Membership Management System 1.0. The vulnerability is in /intern/admin/edit_students.php, where manipulation of the admin_id parameter allows SQL injection. Attacks can be launched remotely and the exploit has been disclosed publicly. Reported impact va...

CVE-2026-0697

A flaw has been found in code-projects Intern Membership Management System 1.0. The impacted element is an unknown function of the file /intern/admin/editadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been published...

PT-2026-1971

Name of the Vulnerable Software and Affected Versions code-projects Intern Membership Management System version 1.0 Description A flaw exists in code-projects Intern Membership Management System version 1.0. The issue involves a SQL injection vulnerability within an unknown function of the...

Code-Projects Intern Membership Management System SQL注入漏洞

Code-Projects Intern Membership Management System is a Code-Projects open source intern membership management system . Code-Projects Intern Membership Management System version 1.0 has a SQL injection vulnerability , the vulnerability stems from the wrong operation of the parameter adminid in the...

Atom CMS SQL注入漏洞

Atom CMS is an open source content management system from The Digital Craft. An SQL injection vulnerability exists in Atom CMS version 2.0, which stems from an unverified SQL injection in the id parameter of the admin index page, which could lead to a remote attacker manipulating database queries...

EUVD-2025-203122

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been publishe...

CVE-2025-14570

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewadmin.php. This manipulation of the argument adminid causes sql injection. The attack may be initiated remotely. The exploit has been publishe...

EUVD-2025-198590

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVE-2025-13572

The CVE-2025-13572 entry affects projectworlds Advanced Library Management System 1.0, with a vulnerability in the /delete_admin.php path where manipulating the admin_id parameter enables SQL injection. Remote exploitation is possible and an exploit is publicly available. Several sources corrobor...

Projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from a misbehavior of the parameter adminid in the file...

Simple Online Hotel Reservation System delete_account.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that stems from a lack of validation of an externally entered SQL statement in the parameter adminid of the deleteaccount.php file...

Code-Projects Simple Online Hotel Reservation System 安全漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that stems from a lack of validation of an externally entered SQL statement in the parameter adminid of the deleteaccount.php file...

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter name/adminid in the file...