CVE-2025-11505

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly availab...

CVE-2025-11505

PHPGurukul Beauty Parlour Management System 1.1 is affected by a SQL injection in /admin/new-appointment.php via the delid parameter. Exploitation appears remotely and publicly available; multiple sources (CNVD, RH, CNNVD, CVE records, PT-2025-41310) describe the issue and indicate no current pub...

PT-2025-41310

Name of the Vulnerable Software and Affected Versions PHPGurukul Beauty Parlour Management System version 1.1 Description A flaw exists in PHPGurukul Beauty Parlour Management System version 1.1, specifically within the file /admin/new-appointment.php. Manipulation of the delid argument can lead ...

CVE-2025-7562

A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Affected is an unknown function of the file /admin/new-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

PHPGurukul Online Fire Reporting System 安全漏洞

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/new-requests.php. An attacker ca...

Credit Card Application Management System Cross-Site Scripting Vulnerability

Credit Card Application Management System is a credit card application management system. Credit Card Application Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file...

Bludit 代码问题漏洞

Bludit is an open source lightweight blog content management system CMS. A code issue vulnerability exists in Bludit v3.14.1, which stems from an arbitrary file upload vulnerability in the component /admin/new-content that allows an attacker to execute arbitrary web script or HTML by uploading a...

PT-2023-25030 · Bludit · Bludit

Name of the Vulnerable Software and Affected Versions: Bludit version 3.14.1 Description: The issue allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file in the /admin/new-content component. This is possible due to an arbitrary file upload vulnerability. It's...

Bludit 跨站脚本漏洞

Bludit CMS is an open source lightweight blog content management system CMS. v3.13.1 of Bludit CMS contains a cross-site scripting vulnerability that originates from the lack of filtering and validation of user input data on the /admin/new-content page. An attacker could use this vulnerability to...

Bus Booking Script admin/new_master.php file cross-site request forgery vulnerability

Bus Booking Script is an online bus booking management system based on PHP and MySQL. A cross-site request forgery vulnerability exists in Bus Booking Script. A remote attacker can exploit this vulnerability to perform unauthorized operations via the admin/newmaster.php file...

CVE-2017-17828

Bus Booking Script has XSS via the results.php datepicker parameter or the admin/newmaster.php spemail parameter...

CVE-2017-17830

Bus Booking Script has CSRF via admin/newmaster.php...

gpEasy 1.6.1 Cross Site Request Forgery

============================================= gpEasy Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/ Version: 1.6.1...