CVE-2025-11426 projectworlds Advanced Library Management System edit_book.php unrestricted upload

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...

EUVD-2008-6140

Malware in sbrugna...

EUVD-2025-32008

Malicious code in bioql PyPI...

CVE-2025-40647 Stored Cross-Site Scripting (XSS) vulnerability in Issabel products

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'email' parameter in '/index.php?menu=addressbook'...

CVE-2025-6900

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclos...

CVE-2020-25515

Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books New Book , http:///lms/index.php?page=books...

CVE-2019-9145

An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...

CVE-2025-1174

A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file processbookadd.php of the component Add Book Page. The manipulation of the argument Book Name leads to cross site scripting. The attac...

AMSS++ Cross-Site Scripting Vulnerability

AMSS++ is a tool for office management support systems from Amssplus. A cross-site scripting vulnerability exists in AMSS++ version 4.31, which stems from a cross-site scripting vulnerability in the bid parameter of the /amssplus/modules/book/main/bookdetailkhetperson.php page...

Book Store Management System 跨站脚本漏洞

Book Store Management System is an online bookstore system. A security vulnerability exists in Book Store Management System v1.0, which stems from a cross-site scripting vulnerability in the /bsmsci/index.php/book page. No detailed vulnerability details are available at this time...

Tad Book3 访问控制错误漏洞

Tad Book3 is an XOOPS module by the individual developer of Tad in Taiwan, China, which can be used to write books, handouts, and as a notepad. Tad Book3 suffers from an authorization issue vulnerability that stems from the Tad Book3 Edit Book page not performing authentication. An attacker can u...

PHPGurukul Online Book Store SQL注入漏洞

PHPGurukul Online Book Store is a PHP-based online bookstore website system. A SQL injection vulnerability exists in Online Book Store v1.0, which arises from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by remote attackers to...

GHSA-9652-78HP-W58C Stored cross-site scripting in PressBooks

PressBooks 5.17.3 contains a cross-site scripting XSS. Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the books page will result in the triggering the stored XSS...

CVE-2008-6170

Cross-site scripting XSS vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title...

Hsycms Cross-Site Scripting Vulnerability

Hsycms is a content management system CMS based on ThinkPHP. The system has features such as in-site linking, site map, full-site pseudo-static and custom URL URLs. A cross-site scripting vulnerability exists in Hsycms V1.1, which can be exploited by remote attackers to inject arbitrary web scrip...

CVE-2019-9145

An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...

Cross site scripting

An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...

CVE-2019-9145

An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...

CVE-2019-9145

An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page...

Open source PHP message feedback management system has XSS vulnerability

Open source PHP message feedback management system is a second development by avenjan a set of small and medium-sized enterprises and personal website for the message feedback management program system , based on PHP MySQL + Bootstrap development , open source and free to use . Open source PHP...