17 matches found
EUVD-2025-29860
Malicious code in bioql PyPI...
CVE-2025-10821
A flaw has been found in fuyang_lipengjun platform 1.0. The affected element is the function TopicCategoryController of the file /topiccategory/queryAll. This manipulation causes improper authorization. The attack is possible to be carried out remotely. The exploit has been published and may be us...
CVE-2025-10821 fuyang_lipengjun platform queryAll TopicCategoryController improper authorization
A flaw has been found in fuyang_lipengjun platform 1.0. The affected element is the function TopicCategoryController of the file /topiccategory/queryAll. This manipulation causes improper authorization. The attack is possible to be carried out remotely. The exploit has been published and may be us...
PT-2025-39088
Name of the Vulnerable Software and Affected Versions: fuyang lipengjun platform version 1.0. Description: An improper authorization issue exists in the TopicCategoryController function within the /topiccategory/queryAll file of the fuyang lipengjun platform. This allows for remote attacks. The...
Weitong Mall Authorization Issue Vulnerability
Weitong Mall is a shopping mall system developed by fuyanglipengjun. Weitong Mall version 1.0 has an authorization issue vulnerability, the vulnerability stems from improper authorization of the TopicCategoryController function in the file /topiccategory/queryAll, which may lead to remote attacks...
CVE-2025-10674 fuyang_lipengjun platform queryAll AttributeCategoryController improper authorization
A vulnerability was identified in fuyang_lipengjun platform 1.0. This affects the function AttributeCategoryController of the file /attributecategory/queryAll. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit is publicly available and might be use...
CVE-2025-10674
CVE-2025-10674 affects the fuyang_lipengjun platform v1.0, specifically the AttributeCategoryController at /attributecategory/queryAll. The vulnerability is described as improper authorization that can be exploited remotely, with public exploit material available. Connected sources corroborate th...
CVE-2024-8466
SQL injection vulnerability, by which an attacker could send a specially designed query through CATEGORY parameter in /jobportal/admin/category/controller.php, and retrieve all the information stored in it...
CVE-2024-2677
A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/controller.php. The manipulation of the argument CATEGORYID leads to sql injection. The attack can be launche...
CVE-2024-2677 Campcodes Online Job Finder System controller.php sql injection
A vulnerability has been found in Campcodes Online Job Finder System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/controller.php. The manipulation of the argument CATEGORYID leads to sql injection. The attack can be launche...
CVE-2023-1507
A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY...
CVE-2022-35163
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the UNAME parameter at /category/controller.php?action=edit...
CVE-2022-35163
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the UNAME parameter at /category/controller.php?action=edit...
CVE-2022-35163
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the UNAME parameter at /category/controller.php?action=edit...
Cross site scripting
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the UNAME parameter at /category/controller.php?action=edit...
CVE-2021-37538
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the idcategory parameter to the...
SQL Injection Vulnerability in IBOS Enterprise Collaboration Management Software CategoryController.php Page
IBOS Enterprise Collaboration Management Software is a PHP-based collaborative office management system. A SQL injection vulnerability exists in the CategoryController.php page of IBOS Enterprise Collaboration Management Software. An attacker is allowed to exploit the vulnerability to obtain...