30 matches found
EUVD-2025-31419
Malicious code in bioql PyPI...
CVE-2025-11054
A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-11054 itsourcecode Open Source Job Portal index.php sql injection
A security vulnerability has been detected in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
PT-2025-39721
Name of the Vulnerable Software and Affected Versions: itsourcecode Open Source Job Portal version 1.0 Description: A security issue exists in itsourcecode Open Source Job Portal 1.0. Manipulation of the ID argument in the file /jobportal/admin/category/index.php?view=edit can lead to SQL injection...
CVE-2017-15198
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit a category of a private project of another user...
CVE-2024-10996
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/processcategoryedit.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The...
1000 Projects Bookstore Management System Injection Vulnerability
1000 Projects Bookstore Management System is an open source bookstore management system from 1000 Projects. An injection vulnerability exists in 1000 Projects Bookstore Management System version 1.0, which stems from the parameter cat in the file /admin/processcategoryedit.php that can cause SQL...
Business Card <= 1.0.0 - Category Edit via CSRF
Description: The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions such as editing card categories via CSRF attacks. Make a logged-in admin open an HTML document containing:...
Business Card <= 1.0.0 - Category Edit via CSRF
Description: The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions such as editing card categories via CSRF attacks. PoC: Make a logged-in admin open an HTML document containing:...
CVE-2024-27694
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the /system/share/ztreecategoryedit...
FlyCms Security Vulnerability
FlyCms is a fully open-source, Java-based social network building application, similar to Zhihu and centered on Q&A. A cross-site request forgery vulnerability exists in FlyCms v1.0, which arises because /system/share/ztreecategoryedit does not adequately validate...
PT-2024-21993 · Flycms · Flycms
Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. It affects the "/system/share/ztree category edit" API endpoint. Recommendations: For FlyCms version 1.0, as a temporary workaround,...
CVE-2024-22939
Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/categoryedit component...
FlyCms Security Vulnerability
sunkaifei FlyCms is an open-source application by sunkaifei: a fully open-source, Java-based social networking site builder, similar to Zhihu and centered on Q&A. FlyCms v.1.0 contains a security vulnerability. Remote attackers can use this vulnerability through the...
PT-2024-19621 · Flycms · Flycms
Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: A Cross Site Request Forgery vulnerability allows a remote attacker to execute arbitrary code via the "system/article/category edit" component. This issue enables attackers to perform unauthorized actions on...
OpenRapid RapidCMS SQL Injection Vulnerability
OpenRapid RapidCMS is a fast and easy-to-use open-source CMS from OpenRapid. RapidCMS version 1.3.1 has an SQL injection vulnerability that stems from the file admin/category/cate-edit-run.php...
CVE-2020-18132
Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit...
PT-2022-22610 · Unknown · Complete Online Job Search System
Name of the Vulnerable Software and Affected Versions: Complete Online Job Search System version 1.0 Description: A cross-site scripting (XSS) issue was found in the CATEGORY parameter at the "/category/controller.php?action=edit" API endpoint. This allows for potential malicious script execution...
CVE-2022-2263
A vulnerability was found in Online Hotel Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file editroomcat.php of the component Room Handler. The manipulation of the argument roomname leads to sql injection. The attack may be launched...