137 matches found

Positive Technologies
added 2025/12/12 12:0 a.m. | 3 views

PT-2025-50963

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System version 1.0, specifically within the file /view admin.php. Manipulation of the admin id argument can lea...

9.8 CVSS | 7.4 AI score | 0.0001 EPSS
Exploits: 1 | References: 7
Cvelist
added 2025/12/05 5:31 a.m. | 24 views

CVE-2025-13623 Twitscription <= 0.1.1 - Reflected Cross-Site Scripting via admin.php PATH_INFO

The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admin.php PATH_INFO in all versions up to, and including, 0.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1 CVSS | 0.00138 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2025/12/05 12:0 a.m. | 2 views

rConfig RCE (CVE-2020-10221)

The version of rConfig installed on the remote host is affected by a remote code execution vulnerability, as follows: - The flaw exists due to insufficient input validation in the userAdmin.inc.php component, which allows an unauthenticated attacker to upload arbitrary files to the server. By...

9 CVSS | 8.5 AI score | 0.91391 EPSS
Exploits: 5 | References: 2
RedhatCVE
added 2025/11/24 11:25 p.m. | 3 views

CVE-2025-13572

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /delete_admin.php. The manipulation of the argument adminid leads to SQL injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

9.8 CVSS | 7 AI score | 0.00031 EPSS
Exploits: 1 | References: 1
NVD
added 2025/11/24 1:15 a.m. | 5 views

CVE-2025-13576

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

8.8 CVSS | 0.0004 EPSS
Exploits: 0 | References: 5
Cvelist
added 2025/11/24 1:2 a.m. | 9 views

CVE-2025-13576 code-projects Blog Site admin.php improper authorization

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

6.5 CVSS | 0.0004 EPSS
Exploits: 0 | References: 5
Positive Technologies
added 2025/11/24 12:0 a.m. | 7 views

PT-2025-47870

A vulnerability was detected in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used. Multiple endpoints...

6.5 CVSS | 6.8 AI score | 0.0004 EPSS
Exploits: 0 | References: 6
Vulnrichment
added 2025/11/23 11:2 p.m. | 2 views

CVE-2025-13572 projectworlds Advanced Library Management System delete_admin.php sql injection

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /delete_admin.php. The manipulation of the argument adminid leads to SQL injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

7.5 CVSS | 6.7 AI score | 0.00031 EPSS
Exploits: 1 | References: 4
Positive Technologies
added 2025/11/23 12:0 a.m. | 2 views

PT-2025-47866

Name of the Vulnerable Software and Affected Versions: projectworlds Advanced Library Management System version 1.0. Description: A flaw exists in projectworlds Advanced Library Management System version 1.0, specifically within the /delete_admin.php file. Manipulation of the admin id argument can...

7.5 CVSS | 7.5 AI score | 0.00031 EPSS
Exploits: 1 | References: 9
OSV
added 2025/10/28 12:15 a.m. | 1 view

CVE-2025-12332

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

4.8 CVSS | 4 AI score
Exploits: 0 | References: 6
Cvelist
added 2025/10/27 11:22 p.m. | 8 views

CVE-2025-12332 SourceCodester Student Grades Management System admin.php delete_user cross site scripting

A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

4.8 CVSS | 0.0005 EPSS
Exploits: 1 | References: 6
OSV
added 2025/10/08 3:15 a.m. | 1 view

CVE-2025-11425

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

4.8 CVSS | 4.2 AI score
Exploits: 0 | References: 4
Cvelist
added 2025/10/08 2:32 a.m. | 8 views

CVE-2025-11425 projectworlds Advanced Library Management System edit_admin.php cross site scripting

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

4.8 CVSS | 0.00034 EPSS
Exploits: 1 | References: 4
Vulnrichment
added 2025/10/08 2:32 a.m. | 3 views

CVE-2025-11425 projectworlds Advanced Library Management System edit_admin.php cross site scripting

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly...

4.8 CVSS | 5.4 AI score | 0.00034 EPSS
Exploits: 1 | References: 4
CVE
added 2025/10/08 2:32 a.m. | 7 views

CVE-2025-11425

CVE-2025-11425 affects projectworlds Advanced Library Management System 1.0, with an XSS vulnerability in the /edit_admin.php handling of the firstname parameter. The issue is exploitable remotely and has publicly available exploits. Other parameters may be affected as well. Authored/verified rep...

4.8 CVSS | 3.2 AI score | 0.00034 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Positive Technologies
added 2025/10/08 12:0 a.m. | 3 views

PT-2025-41290

Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A security issue exists in SourceCodester Student Grades Management System. The add user function within the /admin.php file, specifically in the Manage Users Page...

4.8 CVSS | 3.4 AI score | 0.00035 EPSS
Exploits: 1 | References: 9
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2006-0989

Malware in sbrugna...

5 CVSS | 6.1 AI score | 0.02177 EPSS
Exploits: 1 | References: 7
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-10437

Malicious code in bioql PyPI...

6.1 CVSS | 6.6 AI score | 0.00312 EPSS
Exploits: 1 | References: 3
Cvelist
added 2025/09/26 1:32 a.m. | 3 views

CVE-2025-10993 MuYuCMS Template Management admin.php code injection

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely...

5.8 CVSS | 0.00064 EPSS
Exploits: 0 | References: 4
CVE
added 2025/09/19 12:0 a.m. | 14 views

CVE-2025-55910

CMSEasy is affected by CVE-2025-55910: versions 7.7.8.0 and earlier are vulnerable to arbitrary file deletion via database_admin.php. The root cause is an issue in CMSEasy’s database_admin.php handling that allows deletion of arbitrary files. Reported references across multiple sources confirm th...

6.3 CVSS | 6.6 AI score | 0.00073 EPSS
Exploits: 1 | References: 1 | Affected Software: 1