
131 matches found

NVD
added 2025/12/18 8:15 p.m. | 5 views

CVE-2023-53736

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the administrative context...

CVSS 5.4 | EPSS 0.00165
Exploits: 0 | References: 2

CNNVD
added 2025/12/11 12:0 a.m. | 5 views

CampCodes Supplier Management System SQL injection vulnerability

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in Campcodes Supplier Management System version 1.0, which stems from improper handling of the parameter txtDistributorAddress in the file /admin/adddistributor.php, whic...

CVSS 9.8 | AI score 7.9 | EPSS 0.0035
Exploits: 1 | References: 7

RedhatCVE
added 2025/11/26 4:56 p.m. | 3 views

CVE-2025-12739

An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance. Looker-hosted and Self-hosted were found to be vulnerable. This...

CVSS 7.3 | AI score 6.9 | EPSS 0.00268
Exploits: 0 | References: 1

NVD
added 2025/11/24 10:15 a.m. | 6 views

CVE-2025-12739

An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance. Looker-hosted and Self-hosted were found to be vulnerable. This...

CVSS 7.3 | EPSS 0.00268
Exploits: 0 | References: 1

NVD
added 2025/11/23 11:15 p.m. | 2 views

CVE-2025-13572

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVSS 9.8 | EPSS 0.00385
Exploits: 1 | References: 4

Cvelist
added 2025/11/23 11:2 p.m. | 9 views

CVE-2025-13572 projectworlds Advanced Library Management System delete_admin.php sql injection

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /deleteadmin.php. The manipulation of the argument adminid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

CVSS 7.5 | EPSS 0.00385
Exploits: 1 | References: 4

NVD
added 2025/11/07 5:16 a.m. | 6 views

CVE-2025-64336

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2-146 and below, the Manage Photos feature is vulnerable to stored Cross-site Scripting XSS. An authenticated regular user can upload a photo with a malicious Photo Title containing HTML/JavaScript code. While the payload doe...

CVSS 8.6 | EPSS 0.00246
Exploits: 1 | References: 3

CVE
added 2025/10/07 4:32 a.m. | 14 views

CVE-2025-11351

The CVE-2025-11351 entry affects the code-projects Online Hotel Reservation System 1.0, with the flaw located in the /admin/editpicexec.php file where the image parameter can be manipulated to achieve unrestricted file upload. This root cause enables remote exploitation, and multiple connected so...

CVSS 8.8 | AI score 6.2 | EPSS 0.00292
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2010-2801

Malware in sbrugna...

CVSS 7.5 | AI score 6.3 | EPSS 0.07834
Exploits: 2 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2011-4490

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.01612
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2003-1531

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.0303
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2007-2980

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.07699
Exploits: 0 | References: 8

NVD
added 2025/08/31 1:15 p.m. | 4 views

CVE-2025-9729

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument studentname results in sql injection. The attack is possible to be carried out remotely. The...

CVSS 9.8 | EPSS 0.00383
Exploits: 1 | References: 5

NVD
added 2025/08/20 1:15 p.m. | 4 views

CVE-2025-54172

QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into th...

CVSS 4.8 | EPSS 0.0018
Exploits: 0 | References: 2

CNNVD
added 2025/07/08 12:0 a.m. | 2 views

Code-Projects Library Management System code issue vulnerability

Code-Projects Library Management System is an open source library management system from Code-Projects. A code issue vulnerability exists in Code-Projects Library Management System version 2.0, which stems from improper manipulation of the parameter photo in the file /admin/studenteditphoto.php,...

CVSS 8.8 | AI score 6.7 | EPSS 0.00311
Exploits: 1 | References: 6

OSV
added 2025/06/30 2:15 p.m. | 2 views

CVE-2025-6909

A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-scdetails.php. The manipulation of the argument emeradd leads to sql injection. The attack can be launched...

CVSS 8.8 | AI score 5.8 | EPSS 0.00318
Exploits: 1 | References: 5

CNNVD
added 2025/06/26 12:0 a.m. | 4 views

3x-ui security vulnerability

3x-ui is a software by Sanaei Personal Developers. A security vulnerability exists in versions prior to 3x-ui v.2.5.3, which stems from a failure to check the certificate option in the administration script x-ui, which could lead to the execution of arbitrary code...

CVSS 9.8 | AI score 6.7 | EPSS 0.00393
Exploits: 1 | References: 2

CNNVD
added 2025/06/22 12:0 a.m. | 1 view

Code-Projects Simple Online Hotel Reservation System injection vulnerability

Online Hotel Reservation System is a simple online hotel reservation system. Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter userid in the file /admin/execedituser.php. A...

CVSS 9.8 | AI score 7.2 | EPSS 0.00394
Exploits: 1 | References: 6

OSV
added 2025/06/21 9:15 p.m. | 2 views

CVE-2025-6418

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/editqueryaccount.php. The manipulation of the argument Name leads to sql injection. The attack may be launched...

CVSS 9.8 | AI score 5.8 | EPSS 0.00394
Exploits: 1 | References: 5

RedhatCVE
added 2025/05/23 10:6 a.m. | 6 views

CVE-2024-30870

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/addressinterpret.php...

CVSS 8.8 | AI score 8.1 | EPSS 0.0067
Exploits: 1 | References: 1