CVE-2025-12261

A vulnerability was found in CodeAstro Gym Management System 1.0. This affects an unknown function of the file /admin/actions/remove-announcement.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been made public and...

ShopBuilder module\adv\admin\adv. php, etc. 5 SQL injection

ShopBuilder description ShopBuilder is designed for large and medium-sized enterprises to develop the professional-level e-Commerce Mall system, powerful, safe and convenient, can carry tens of millions of views, make the enterprise low-cost to quickly build an online Mall, turn on the e-Commerce...

CVE-2012-4686

The provided connected sources confirm CVE-2012-4686 affects vBulletin 4.1.10, where an SQL injection flaw exists in announcement.php via the announcementid parameter. This allows remote attackers to execute arbitrary SQL commands, compromising data integrity and potentially confidentiality and a...

vBulletin 4.1.10 SQL Injection

Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir Software Link : http://vbulletin.com Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork : "Powered By Vbulletin" Expl0iTs :...

CVE-2004-2511

Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...