CVE-2026-1059

A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...

CVE-2026-1059

FeMiner wms is affected by CVE-2026-1059 via /src/chkuser.php, where manipulating the Username parameter leads to SQL injection. The issue is exploitable remotely and publicly disclosed. Affected versions are prior to the commit 9cad1f1b179a98b9547fd003c23b07c7594775fa; due to the rolling-release...

CVE-2026-1059 FeMiner wms chkuser.php sql injection

A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...

EUVD-2020-10468

Malware in sbrugna...

EUVD-2025-31167

Malicious code in bioql PyPI...

CVE-2025-10967 MuFen-mker PHP-Usermm chkuser.php sql injection

A vulnerability was detected in MuFen-mker PHP-Usermm up to 37f2d24e51b04346dfc565b93fc2fc6b37bdaea9. This affects an unknown part of the file /chkuser.php. Performing manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit is now public a...

CVE-2025-10967

The CVE-2025-10967 entry relates to MuFen-mker PHP-Usermm (versions up to 37f2d24e51b04346dfc565b93fc2fc6b37bdaea9). A SQL injection vulnerability exists in file /chkuser.php caused by manipulating the Username parameter. The attack can be remote and exploit is public. Public details about affect...

PT-2025-39449

Name of the Vulnerable Software and Affected Versions MuFen-mker PHP-Usermm versions prior to 37f2d24e51b04346dfc565b93fc2fc6b37bdaea9 Description A SQL injection issue exists in the file /chkuser.php due to manipulation of the Username argument. This allows for remote attacks. The exploit is...

CVE-2020-18544

SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...

CVE-2020-18544

SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...

Sql injection

SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...

CVE-2020-18544

CVE-2020-18544 affects WMS v1.0, where a SQL injection in chkuser.php via the username parameter allows remote attackers to execute arbitrary code. Root cause: improper handling of user input in the login/component path leads to SQL injection. Documented impact indicates potential arbitrary code ...

WMS SQL注入漏洞

WMS is a warehouse management software. A SQL injection vulnerability exists in WMS version 1.0, which can be exploited by remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...