CVE-2020-37222

Kuicms Php EE 2.0 is affected by a persistent cross-site scripting (XSS) vulnerability. The issue allows unauthenticated attackers to inject arbitrary scripts by submitting crafted content through the bbs reply endpoint (POST to /web/?c=bbs&a=reply) with HTML/JavaScript payloads in the content pa...

CVE-2025-65779

Wekan up to version 18.15 is affected; fixed in 18.16. An unauthenticated attacker can update a board's sort value because Boards.allow returns true without verifying userId, enabling arbitrary reordering of boards. Affected: Wekan (Open Source Kanban board) prior to 18.16. Impact: potential alte...

CVE-2025-61464

gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...

EUVD-2011-1341

Malware in sbrugna...

EUVD-2005-4328

Malware in sbrugna...

EUVD-2006-1580

Malware in sbrugna...

EUVD-2023-55513

Malicious code in bioql PyPI...

EUVD-2025-13318

Malicious code in bioql PyPI...

EUVD-2025-16823

Malicious code in bioql PyPI...

EUVD-2025-16969

Malicious code in bioql PyPI...

EUVD-2023-55506

Malicious code in bioql PyPI...

CVE-2025-6301

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /admin/manage-notices.php of the component Add Notice. The manipulation of the argument Title/Description leads to cross site scriptin...

CVE-2025-6301

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /admin/manage-notices.php of the component Add Notice. The manipulation of the argument Title/Description leads to cross site scriptin...

CVE-2025-6301

CVE-2025-6301 affects PHPGurukul Notice Board System 1.0, specifically the Add Notice component via /admin/manage-notices.php. Multiple sources describe a cross-site scripting vulnerability triggered by manipulating the Title/Description parameters, enabling remote exploitation with publicly disc...

PHPGurukul Notice Board System 代码注入漏洞

Notice Board System is a bulletin board system. Notice Board System has a cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameters Title/Description in the file /admin/manage-notices.php, which can be...

PT-2025-26269 · Unknown · Phpgurukul Notice Board System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Notice Board System version 1.0 Description: A problematic issue has been found in the PHPGurukul Notice Board System, affecting the file /admin/manage-notices.php of the Add Notice component. The manipulation of the Title and...

Notice Board System admin-profile.php File SQL Injection Vulnerability

Notice Board System is a bulletin board system. A SQL injection vulnerability exists in the Notice Board System, which originates from a lack of validation of externally-entered SQL statements in the parameter mobilenumber in file /admin-profile.php. An attacker can exploit this vulnerability to...

Notice Board System search-notice.php File SQL Injection Vulnerability

Notice Board System is a bulletin board system. The Notice Board System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter searchdata in the file /search-notice.php. An attacker can exploit this vulnerability to...

Notice Board System forgot-password.php File SQL Injection Vulnerability

Notice Board System is a bulletin board system. The Notice Board System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the file /forgot-password.php parameter email. An attacker can exploit this vulnerability to execute...

CVE-2025-5639

A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has be...