14 matches found
EUVD-2025-31161
Malicious code in bioql PyPI...
CVE-2025-10973
A flaw has been found in JackieDYH Resume-management-system up to fb6b857d852dd796e748ce30c606fe5e61c18273. Affected by this issue is some unknown functionality of the file /admin/show.php. This manipulation of the argument userid causes SQL injection. The attack may be initiated remotely. The...
CVE-2025-10973
A flaw has been found in JackieDYH Resume-management-system up to fb6b857d852dd796e748ce30c606fe5e61c18273. Affected by this issue is some unknown functionality of the file /admin/show.php. This manipulation of the argument userid causes SQL injection. The attack may be initiated remotely. The...
PT-2025-39456
Name of the Vulnerable Software and Affected Versions: JackieDYH Resume-management-system versions prior to fb6b857d852dd796e748ce30c606fe5e61c18273. Description: A flaw exists in JackieDYH Resume-management-system that allows for SQL injection through manipulation of the userid argument in the...
Resume management system SQL Injection Vulnerability
Resume management system is a resume management system by JackieDYH Personal Developer. A SQL injection vulnerability exists in the Resume management system, which stems from an incorrect manipulation of the parameter userid in the file /admin/show.php, which could lead to a SQL injection attack...
CVE-2024-25314
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'sid' parameter in Hotel/admin/show.php?sid=2...
Hotel Managment System SQL Injection Vulnerability
Hotel Managment System is an open source hotel management system from Code-projects. Hotel Managment System version 1.0 suffers from a SQL injection vulnerability that originates from allowing SQL injection via the sid parameter in Hotel/admin/show.php...
CVE-2022-25574
A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file...
CVE-2022-25574
A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file...
PT-2022-17376 · Douco · Douphp
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A stored cross-site scripting (XSS) issue exists in the upload function of the "/admin/show.php" API endpoint, allowing attackers to execute arbitrary web scripts or HTML via a crafte...
DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-00998)
DouCo DouPHP is a lightweight open source CMS (Content Management System) based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/show.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML wi...
CVE-2018-20560
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?rec=update has XSS via the showname parameter...
CVE-2011-4958
Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to template placeholders, as demonstrated by a request to (1) admin/reports/, (2)...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to template placeholders, as demonstrated by a request to (1) admin/reports/, (2)...