EUVD-2022-33989

Malicious code in bioql PyPI...

EUVD-2021-27500

Malicious code in bioql PyPI...

EUVD-2022-32374

Malicious code in bioql PyPI...

EUVD-2022-32878

Malicious code in bioql PyPI...

EUVD-2025-4453

Malicious code in bioql PyPI...

CVE-2025-10993

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely...

CVE-2025-10993

MuYuCMS up to version 2.7 is affected by a code injection vulnerability in the Template Management component, specifically in /admin.php. The issue arises from an unknown functionality in that file, enabling remote code injection. Public references consistently describe remote exploitation, but n...

MuYuCMS 代码注入漏洞

MuYuCMS is MuYuCMS open source a lightweight open source content management system . MuYuCMS 2.7 and previous versions of the code injection vulnerability, the vulnerability stems from the file / admin.php in the template management component has an unknown functionality flaws, which may lead to...

PT-2025-39473

Name of the Vulnerable Software and Affected Versions MuYuCMS versions prior to 2.7 Description A security flaw exists in MuYuCMS up to version 2.7. This issue is related to an unknown functionality within the /admin.php file of the Template Management component, allowing for code injection. The...

CVE-2025-8434 code-projects Online Movie Streaming admin.php authorization

A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-8247

CVE-2025-8247 affects Projectworlds Online Admission System 1.0. The vulnerability is an SQL injection in the /admin.php file caused by manipulation of the parameter markof. Exploitation can be performed remotely; multiple sources note the exploit has been publicly disclosed. The issue is tied to...

CVE-2025-7800 cgpandey hotelmis HTTP GET Request admin.php cross site scripting

A vulnerability classified as problematic was found in cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e. This vulnerability affects unknown code of the file admin.php of the component HTTP GET Request Handler. The manipulation of the argument Search leads to cross site scripting...

CVE-2025-7800

CVE-2025-7800 affects cgpandey hotelmis (admin.php) with a vulnerability in the HTTP GET Request Handler: manipulation of the Search parameter enables cross-site scripting. The issue is exploitable remotely and is tied to versions prior to c572198e6c4780fccc63b1d3e8f3f72f825fc94e6. PT-Security no...

CVE-2025-5371 SourceCodester Health Center Patient Record Management System admin.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Health Center Patient Record Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/admin.php. The manipulation of the argument Username leads to sql injection. The attack m...

CVE-2024-48708

Collabtive 3.1 is vulnerable to Cross-Site Scripting XSS via the name parameter in a file tasklist.php under action = add/edit and in b file admin.php under action = adduser/edituser...

CVE-2024-48707

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under a action=add or action=edit within managemilestone.php file and b action=addpro within admin.php file...

CVE-2024-46240

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file...

CVE-2024-8523

A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue is the function formatData of the file /admin.php?m=Acquisi=testcj=1 of the component SQL Command Execution Module. The manipulation of the argument data leads to code injection. The attack may be...

CVE-2024-11127

A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploi...

CVE-2023-45201

Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL...