PT-2026-7654

An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the admin parameter...

CVE-2020-36969

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standa...

CVE-2020-36969 M/Monit 3.7.4 - Privilege Escalation

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standa...

CVE-2020-36969

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standa...

CVE-2020-36969

CVE-2020-36969 affects M/Monit 3.7.4. A privilege-escalation flaw allows an authenticated user to modify permissions by tampering with the admin parameter via POST to /api/1/admin/users/update, potentially granting admin rights to a standard user. Public references (e.g., Exploit-DB) indicate a P...

Tildeslash M/Monit Security Vulnerability

Tildeslash M/Monit is a server monitoring and management tool developed by Tildeslash Inc. Version 3.7.4 of Tildeslash M/Monit contains a security vulnerability, which stems from improper handling of admin parameters, potentially leading to privilege escalation...

BiggiDroid Simple PHP CMS SQL注入漏洞

BiggiDroid Simple PHP CMS is a content management system from BiggiDroid open source. A SQL injection vulnerability exists in BiggiDroid Simple PHP CMS version 1.0, which stems from incorrect manipulation of the parameter ID in the file /admin/editsite.php, which can lead to SQL injection...

Simple Online Hotel Reservation System edit_account.php File SQL Injection Vulnerability

Simple Online Hotel Reservation System is a simple online hotel reservation system. The Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the /admin/editaccount.php file that does not securely filter the adminid parameter. An attacker can explo...

EUVD-2018-2393

Malware in sbrugna...

EUVD-2021-20774

Malware in sbrugna...

EUVD-2018-11195

Malware in sbrugna...

EUVD-2019-3071

Malware in sbrugna...

EUVD-2007-6424

Malware in sbrugna...

EUVD-2023-30577

Malicious code in bioql PyPI...

CVE-2025-11075

Campcodes Online Learning Management System 1.0 contains a SQL injection in the admin/de_activate.php file. The vulnerability arises from manipulating the ID parameter, enabling remote exploitation. Multiple connected sources confirm the issue and indicate an attacker could exploit remotely with ...

Code-Projects Online Ordering System 注入漏洞

Online Ordering System is an online ordering system. Online Ordering System has a SQL injection vulnerability that originates from an unfiltered parameter un in the /admin/user.php file that allows manipulation of database queries. No details of the vulnerability are available at this time...

Code-Projects Voting System 注入漏洞

Voting System is an election system. Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in parameter ID in file /admin/positionsedit.php. An attacker can exploit this vulnerability to execute illegal SQL commands to...

PHPGurukul Zoo Management System 注入漏洞

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/manage-animals.php. An attacker can exploit this vulnerability...

NEWS-BUZZ 安全漏洞

NEWS-BUZZ is a news management system by the individual developer ANIRBAN DUTTA that allows users to publish and manage various news content. A security vulnerability exists in NEWS-BUZZ v1.0, which stems from improper manipulation of the parameter changetoadmin in the file /admin/users.php, whic...

Tmall_demo 代码注入漏洞

Tmalldemo is a Spring Boot based mini Tmall by the projectteam. Tmalldemo 20250505 and previous versions of the code injection vulnerability, the vulnerability stems from the file /tmall/admin/ in the parameter Product Name/Product Title of the wrong operation leads to cross-site scripting...