236 matches found
CVE-2026-4474
The CVE-2026-4474 entry concerns itsourcecode University Management System 1.0. The vulnerability lies in the admin_single_student_update.php function, where manipulation of the st_name argument enables cross-site scripting (XSS). The attack can be initiated remotely and exploit code has been pub...
PT-2026-26567
A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin single student update.php. This manipulation of the argument st name causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may...
CVE-2026-3711 code-projects Simple Flight Ticket Booking System Adminupdate.php sql injection
A vulnerability was detected in code-projects Simple Flight Ticket Booking System 1.0. Affected is an unknown function of the file /Adminupdate.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp results in sql injection. The attack can be executed...
PT-2026-23920
A vulnerability was detected in code-projects Simple Flight Ticket Booking System 1.0. Affected is an unknown function of the file /Adminupdate.php. The manipulation of the argument flightno/airplaneid/departure/dtime/arrival/atime/ec/ep/bc/bp results in sql injection. The attack can be executed...
CVE-2026-3411 itsourcecode University Management System admin_single_student_update.php sql injection
A security vulnerability has been detected in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /adminsinglestudentupdate.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. T...
CVE-2026-3411
A security vulnerability has been detected in itsourcecode University Management System 1.0. Affected by this issue is some unknown functionality of the file /adminsinglestudentupdate.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. T...
CVE-2026-3411
The CVE-2026-3411 entry concerns itsourcecode University Management System 1.0. The vulnerability is a SQL injection in the /admin_single_student_update.php function, exploitable by manipulating the ID parameter. Remote exploitation is possible, and public exploits have been disclosed. According ...
PT-2026-21421
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/D adManage.php of the component Extended Management Module. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote...
CVE-2026-2132
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...
CVE-2026-2133
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2133
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2132
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...
CVE-2026-2132
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...
CVE-2026-2133
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2133 code-projects Online Music Site AdminUpdateCategory.php unrestricted upload
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2133
CVE-2026-2133 affects code-projects Online Music Site 1.0. The vulnerability exists in an unknown function of /Administrator/PHP/AdminUpdateCategory.php, where manipulating the txtimage argument enables unrestricted file uploads. It is exploitable remotely, and public exploit details have been re...
CVE-2026-2132
code-projects Online Music Site 1.0 contains a SQL injection in AdminUpdateCategory.php (txtcat) that can be triggered remotely. Multiple sources (NVD/Red Hat/CVE list) confirm the vulnerability path involves the /Administrator/PHP/AdminUpdateCategory.php file and an injectable txtcat parameter. ...
EUVD-2026-5816
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...
CVE-2026-2132 code-projects Online Music Site AdminUpdateCategory.php sql injection
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has bee...
PT-2026-6957
Name of the Vulnerable Software and Affected Versions code-projects Online Music Site version 1.0 Description A flaw exists in code-projects Online Music Site that allows for unrestricted file uploads. This is due to manipulation of the txtimage argument within an unknown function of the file...