32 matches found
Exploit for CVE-2023-34632
CVE-2023-346...
EUVD-2018-10103
Malware in sbrugna...
EUVD-2022-43196
Malicious code in bioql PyPI...
CVE-2022-3856
The Comic Book Management System WordPress plugin before 2.2.0 does not sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin...
CVE-2025-2831 mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 bookList getBookList sql injection
A vulnerability has been found in mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. This vulnerability affects the function getBookList of the file /admin/bookList?page=1&limit=10. The manipulation of the argument condition leads ...
tushuguanlixitong security vulnerability
tushuguanlixitong is a book management system by Mingyuefusu 明月复苏, an individual developer in China. A security vulnerability exists in tushuguanlixitong, which stems from an incorrect manipulation of the parameter condition that can lead to SQL injection...
tushuguanlixitong security vulnerability
tushuguanlixitong is a book management system by Mingyuefusu 明月复苏, an individual developer in China. A security vulnerability exists in tushuguanlixitong, which stems from certain unknown processing that could lead to cross-site request forgery...
tushuguanlixitong security vulnerability
tushuguanlixitong is a book management system by Mingyuefusu 明月复苏, an individual developer in China. A security vulnerability exists in tushuguanlixitong, which stems from a misuse of the parameter Request that can lead to improper access control...
CVE-2022-3856
Summary: CVE-2022-3856 affects the WordPress plugin “Comic Book Management System” prior to version 2.2.0. The issue is a SQL injection caused by not sanitizing/escaping a parameter before it is used in a SQL statement, enabling exploitation by users with a role as low as Admin (no user interacti...
CVE-2022-3856 Comic Book Management System < 2.2.0 - Admin+ SQLi
The Comic Book Management System WordPress plugin before 2.2.0 does not sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin...
PT-2022-24455 · WordPress · Comic Book Management System
Name of the Vulnerable Software and Affected Versions: The Comic Book Management System WordPress plugin versions prior to 2.2.0 Description: The issue is related to a SQL injection that occurs because a parameter is not properly sanitized and escaped before being used in a SQL statement. This ca...
CVE-2022-37796
In Simple Online Book Store System 1.0 in /adminbook.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting (XSS)...
Cross-site Scripting (XSS) - Reflected in janeczku/calibre-web
Description: There is a reflected XSS vulnerability on the site calibre-web. Proof of Concept: 1. go to the calibre e-book management 2. create a new book give the title name 3. and give the title sort name 4. save and go to the website 5. go to Author 6. press one of the books 7. then right click an...
Oscar Arzola PressBooks Cross-Site Scripting Vulnerability
Oscar Arzola PressBooks is an application by the individual developer Oscar Arzola in China. It provides a book content management system. PressBooks has a cross-site scripting vulnerability in version 5.17.3. The vulnerability can be triggered by submitting a long book description to the platform ...
SQL Injection Vulnerability in EML Enterprise Address Book Management System fu***.class.php File
EML enterprise address book management system is based on Linux open kernel and Apache based Php+Mysql intelligent B/S interactive service system. EML Enterprise Address Book Management System fu.class.php file has a SQL injection vulnerability, which can be exploited by attackers to obtain...
CVE-2018-18372
A Stored XSS vulnerability has been discovered in KAASoft Library CMS - Powerful Book Management System 2.1.1 via the /admin/book/create/ title parameter...
Cross site scripting
A Stored XSS vulnerability has been discovered in KAASoft Library CMS - Powerful Book Management System 2.1.1 via the /admin/book/create/ title parameter...
CVE-2018-18372
KAASoft Library CMS - Powerful Book Management System 2.1.1 is affected by a Stored XSS vulnerability exploitable through the /admin/book/create/ title parameter. The issue arises from injecting malicious content via the title field, which can be reflected in the application and potentially execu...