CVE-2025-67285

A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate...

CVE-2025-67285

A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate...

CVE-2025-67285

CVE-2025-67285 affects ITSourcecode COVID Tracking System Using QR-Code v1.0. The vulnerability is a SQL injection in the file /cts/admin/?page=zone where the parameter id is injected directly into SQL queries without proper sanitization/validation. This is consistently described across multiple ...

CVE-2025-14585

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

itsourcecode COVID Tracking System SQL注入漏洞

itsourcecode COVID Tracking System is a new coronavirus tracking system open-sourced by itsourcecode. An SQL injection vulnerability exists in version 1.0 of itsourcecode COVID Tracking System, which stems from a misuse of the parameter ID in the file /admin/?page=zone, which could lead to an SQL...

Remote code execution

Authenticated remote code execution RCE in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr...

Composr CMS Cross-Site Scripting Vulnerability

Composr CMS is an open source content management system CMS developed using HTML, CSS and WCAG technologies. A cross-site scripting vulnerability exists in Composr CMS version 10.0.13. A remote attacker can exploit this vulnerability by sending a page=admin-setupwizard&type=step3 request to...

SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha-->

----------------------------------------------------------------- SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha-- ----------------------------------------------------------------- CMS INFORMATION: --WEB: http://blog.sebastian-thiele.net/projekte/gallery/ --DOWNLOAD:...

Subdreamer 2.2.1 - SQL Injection Command Execution

Subdreamer 2.2.1 - SQL Injection Command Execution !/usr/bin/perl Subdreamer 2.2.1 command exec exploit @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ supported targets: without forum integration with phpBB2 integration with ipb2 integration with vbulletin2...