CVE-2020-37246

Supsystic Backup 2.3.9 contains a local file inclusion vulnerability that allows unauthenticated attackers to read and delete arbitrary files by manipulating the download path parameter. Attackers can modify the download parameter in admin.php requests with directory traversal sequences to access...

CVE-2026-4844

A vulnerability was detected in code-projects Online Food Ordering System 1.0. This issue affects some unknown processing of the file /admin.php of the component Admin Login Module. The manipulation of the argument Username results in sql injection. The attack may be performed from remote. The...

EUVD-2018-17440

Malware in sbrugna...

CVE-2020-19165

PHPSHE 1.7 has SQL injection via the admin.php?mod=userid=1 userlevelid parameter...

Piwigo SQL注入漏洞

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A SQL injection vulnerability exists in Piwigo version 11.5.0, which stems from a lack of validation of the id parameter in admin.php...

PHPSHE Mall System SQL注入漏洞

PHPSHE is a set of online shopping mall system of China Lingbao Jane Hao Network Technology PHPSHE Company. The system supports express tracking, online chat, order evaluation and statistics and other functions. A security vulnerability exists in PHPSHE Mall System v1.7 that allows remote attacke...

CVE-2019-6708

PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter...

CVE-2018-16237

An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI...

CVE-2018-5666

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php bgcolor parameter...