15 matches found
CVE-2026-7229
A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...
CVE-2026-34241
CVE-2026-34241 (CtrlPanel) : Open-source hosting billing software with versions ≤ 1.1.1 contains a Stored XSS in the ticket reply notification system. Unsanitized content in $newmessage is stored in notification payloads and later rendered with Blade’s {!! !!} in recipients’ browsers, affecting b...
SourceCodester SUP Online Shopping 注入漏洞
SourceCodester SUP Online Shopping is an open-source online shopping system developed by SourceCodester. Version 1.0 of SourceCodester SUP Online Shopping contains a vulnerability due to improper handling of parameters in the file admin/replymsg.php, which may lead to SQL injection attacks...
EUVD-2026-25997
A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...
CVE-2026-7229
A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...
PT-2026-35669
A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...
EUVD-2026-4856
A security vulnerability has been detected in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Administrator/PHP/AdminReply.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-1535
A security vulnerability has been detected in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Administrator/PHP/AdminReply.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-1535 code-projects Online Music Site AdminReply.php sql injection
A security vulnerability has been detected in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Administrator/PHP/AdminReply.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
PT-2026-5225
Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A security issue exists in code-projects Online Music Site 1.0. Manipulation of the ID argument in the file /Administrator/PHP/AdminReply.php can lead to SQL injection. This issue is...
Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17937)
Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language version 9. T...
CVE-2020-10438
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/reply-ticket.php by adding a question mark ? followed by the payload...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/reply-ticket.php by adding a question mark ? followed by the payload...
CVE-2020-10438
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/reply-ticket.php by adding a question mark ? followed by the payload...
PT-2020-12108 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS in admin/reply-ticket.php. This can be achieved by adding a question mark ? followed by th...