CVE-2025-44880

A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input...

Online Car Wash Booking System SQL注入漏洞

Online Car Wash Booking System is an online car wash booking system by Carlo Montero, a personal developer. Online Car Wash Booking System v1.0 is vulnerable to SQL injection, which originates from /ocwbs/admin/services/ manageprice.php?id=The page lacks validation for external input SQL...

DESTOON B2B Cross-Site Scripting Vulnerability

DESTOON B2B is a PHP and MySQL based on open source B2B e-commerce website management system . A cross-site scripting vulnerability exists in the admin\setting.inc.php page in DESTOON B2B version 7.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...