EUVD-2023-23569

Malicious code in bioql PyPI...

CVE-2023-1308

A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/adminlog.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2023-1308

A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/adminlog.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

Sql injection

A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/adminlog.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

CVE-2023-1308 SourceCodester Online Graduate Tracer System adminlog.php sql injection

A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/adminlog.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

Sql injection

An issue was discovered in BearAdmin 0.5. There is admin/adminlog/index.html?userid= SQL injection because admin\controller\AdminLog.php constructs a MySQL query improperly...

CVE-2017-15731

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.adminlog.php...

VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS

No description provided by source. source: http://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

vBulletin adminlog.php请求记录HTML注入漏洞

BUGTRAQ ID: 30134 vBulletin是一款开放源代码PHP论坛程序。 vBulletin管理控制面板的日志查看页面存在跨站脚本漏洞。如果用户请求了缺失的页面时，就会在管理区域创建日志，但没有过滤检查该日志的输入。脚本名称是从basenamePHPSELF获得的，操作是从REQUEST'do'获得的，这两种方式都可能导致跨站脚本攻击。 VBulletin VBulletin 3.7.2 VBulletin VBulletin 3.6.10 PL2 VBulletin --------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

vBulletin 3.7.1 - admincpfaq.php?Injection adminlog.php Cross-Site Scripting

vBulletin 3.7.1 - admincpfaq.php?Injection adminlog.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

DayfoxBlogv2.0.txt

BiyoSecurity.Org script name : Dayfox Blog v2.0 Risk : High Regards : Dj ReMix Thanks : Korsan , Liz0zim Vulnerable files : adminlog.php postblog.php index.php index2.php Vulnerable code : includeonce $sloginpath . "/sloginlib.inc.php"; includeonce $sloginpath . "/header.inc.php"; Exploit :...