CVE-2025-13572

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVE-2025-13572 projectworlds Advanced Library Management System delete_admin.php sql injection

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVE-2025-64336

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...

CVE-2025-11351

The CVE-2025-11351 entry affects the code-projects Online Hotel Reservation System 1.0, with the flaw located in the /admin/editpicexec.php file where the image parameter can be manipulated to achieve unrestricted file upload. This root cause enables remote exploitation, and multiple connected so...

EUVD-2007-2980

Malware in sbrugna...

EUVD-2010-2801

Malware in sbrugna...

EUVD-2011-4490

Malware in sbrugna...

EUVD-2003-1531

Malware in sbrugna...

CVE-2025-9729

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack is possible to be carried out remotely. The...

CVE-2025-54172

QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into th...

Code-Projects Library Management System 代码问题漏洞

Code-Projects Library Management System is an open source library management system from Code-Projects. A code issue vulnerability exists in Code-Projects Library Management System version 2.0, which stems from improper manipulation of the parameter photo in the file /admin/studenteditphoto.php,...

CVE-2025-6909

A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-scdetails.php. The manipulation of the argument emeradd leads to sql injection. The attack can be launched...

3x-ui 安全漏洞

3x-ui is a software by Sanaei Personal Developers. A security vulnerability exists in versions prior to 3x-ui v.2.5.3, which stems from a failure to check the certificate option in the administration script x-ui, which could lead to the execution of arbitrary code...

Code-Projects Simple Online Hotel Reservation System 注入漏洞

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /admin/execedituser.php. A...

CVE-2025-6418

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/editqueryaccount.php. The manipulation of the argument Name leads to sql injection. The attack may be launched...

CVE-2024-30870

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/addressinterpret.php...

CVE-2024-10946

A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to 2.0.1. This affects an unknown part of the file /interlib/admin/SysLib?cmdACT=inputLIBCODE=batchXSL=editLIBCODE.xsl==. The...

CVE-2010-3608

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 password pw parameters to a admin.php or b user.php...

CVE-2024-13851

The Modal Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject...

CVE-2024-50825

A SQL Injection vulnerability was found in /admin/schoolyear.php in kashipara E-learning Management System Project 1.0 via the schoolyear parameter...