Lavalite CMS 安全漏洞

Lavalite CMS is an open-source content management system based on PHP. Version 10.1.0 of Lavalite CMS has a security vulnerability caused by improper access control, which may allow low-privilege users to directly access the administration backend...

CVE-2026-0589

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0589

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0589

The CVE-2026-0589 entry concerns code-projects Online Product Reservation System 1.0, specifically the Administration Backend. The documented issue is improper authentication within an unknown function of the Admin Backend that can be triggered remotely. Public exploit information exists, with ex...

EUVD-2026-0856

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

PT-2026-1276

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description An issue exists in the Administration Backend component that allows for improper authentication. The issue is triggered by a manipulation of an unknown function. The explo...

tpAdmin 代码问题漏洞

tpAdmin is a ThinkPHP5 based administration backend. A code issue vulnerability exists in yuan1994 tpAdmin version 1.3.12, which stems from an incorrect manipulation of the parameter file resulting in unrestricted uploads...

Xiaomi Mi Jia ink-jet printer injection vulnerability

Xiaomi Mi Jia ink-jet printer is a multifunctional printer from China's Xiaomi Technology Xiaomi. A security vulnerability exists in versions prior to Xiaomi Mi Jia ink-jet printer 3.4.60138. The vulnerability can be exploited by an attacker to inject parameters into the ippserver via the web...

seacms variable override vulnerability

SeaCms is a set of applications for building online movies with PHP+MYSQL architecture. A global variable override vulnerability exists in seacms version 6.26. An attacker who successfully exploits this vulnerability can directly access the administration backend of the website...

NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities

Document Title: =============== NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=685 Release Date: ============= 2012-08-18 Vulnerability Laboratory ID VL-ID: ==================================== 685...

CVE-2011-1480

CVE-2011-1480 affects PHP-Nuke (admin.php) in the admin backend of PHP-Nuke 8.0 and earlier. The vulnerability is an SQL injection via the chng_uid parameter, allowing remote attackers to execute arbitrary SQL commands. The available connected documents confirm the affected software/version range...

PHP-Nuke 8.x Blind SQL Injection

PHP-Nuke 8.x /admin.php POST...