5 matches found
EUVD-2021-32817
Malicious code in bioql PyPI...
Exam Form Submission delete_s7.php file SQL injection vulnerability
Exam Form Submission is an exam form. Exam Form Submission suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in parameter ID in file /admin/deletes7.php. An attacker can exploit this vulnerability to execute illegal SQL commands...
PT-2025-26754 · Unknown · Phpgurukul Online Dj Booking Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online DJ Booking Management System version 2.0 Description: The issue is related to Cross Site Scripting XSS in the odms/admin/view-user-queries.php file. This allows for potential malicious script injection. Recommendations: For...
CVE-2025-24967
reNgine is an automated reconnaissance framework for web applications. A stored cross-site scripting XSS vulnerability exists in the admin panel's user management functionality. An attacker can exploit this issue by injecting malicious payloads into the username field during user creation. This...
CVE-2020-24609
TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has XSS which can result in an attacker injecting the XSS payload in the User Registration section and each time the admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie v...