20 matches found
CVE-2025-15353
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now...
EUVD-2025-205845
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-15353
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-15353
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-15353 itsourcecode Society Management System edit_admin_query.php edit_admin_query sql injection
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-15353 itsourcecode Society Management System edit_admin_query.php edit_admin_query sql injection
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now...
CVE-2025-15353
The CVE-2025-15353 affects itsourcecode Society Management System 1.0, specifically the function edit_admin_query in /admin/edit_admin_query.php. Manipulating the Username parameter enables SQL injection, with remote exploitability and public availability of exploits. Multiple connected sources c...
itsourcecode Society Management System SQL注入漏洞
itsourcecode Society Management System is an itsourcecode open source society management system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Society Management System, which stems from incorrect manipulation of the parameter Username in the file /admin/editadminquery.php,...
PT-2025-54219
Name of the Vulnerable Software and Affected Versions itsourcecode Society Management System version 1.0 Description A flaw exists in the function edit admin query located in the file /admin/edit admin query.php. Manipulation of the Username argument can lead to SQL injection. This issue is...
CVE-2024-14007 TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure
Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products versions prior to 1.3.4 contain an authentication bypass in the NVMS-9000 control protocol. By sending a single crafted TCP payload to an exposed NVMS-9000 control port, an unauthenticated...
VulnCheck KEV: CVE-2021-37305
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin...
CVE-2025-8495
A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/editadminquery.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack...
CVE-2024-46239
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php...
PT-2024-31930 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: The issue concerns cross-site scripting vulnerabilities in the PHPGurukul Hospital Management System. These vulnerabilities exist via the docname parameter in...
CVE-2024-3255
A vulnerability, which was classified as critical, was found in SourceCodester Internship Portal Management System 1.0. Affected is an unknown function of the file admin/editadminquery.php. The manipulation of the argument username/password/name/adminid leads to sql injection. It is possible to...
CVE-2024-3255
The CVE-2024-3255 entry concerns SourceCodester Internship Portal Management System version 1.0. Affected is an unknown function in admin/edit_admin_query.php where manipulating parameters username, password, name, or admin_id leads to SQL injection. Exploitation can be performed remotely, and pu...
CVE-2024-0364
A vulnerability, which was classified as critical, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file admin/query-details.php. The manipulation of the argument adminremark leads to sql injection. The exploit has been disclosed to the public and may be...
PHPGurukul Hospital Management System SQL Injection Vulnerability
PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. A SQL injection vulnerability exists in PHPGurukul Hospital Management System version 1.0, which originates from a SQL injection vulnerability in the adminremark parameter of the admin/query-details.php pag...
PT-2023-26388 · Dedebiz · Dedebiz
Name of the Vulnerable Software and Affected Versions: DedeBIZ version 6.2.10 Description: A problematic vulnerability has been found in DedeBIZ, affecting an unknown function of the file /admin/sys sql query.php. The manipulation leads to cross site scripting. It is possible to launch the attack...
PMB 跨站脚本漏洞
PMB is a 100% free document management reference tool from the PMB Services team. A security vulnerability exists in PMB version v7.4.6, which was discovered to contain a Reflected Cross-Site Scripting XSS vulnerability via the query parameter in /admin/convert/exportz3950.php...