EUVD-2026-21980

A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit is...

CVE-2018-25203

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blin...

CVE-2020-37076 Victor CMS 1.0 - 'post' SQL Injection

Victor CMS version 1.0 contains a SQL injection vulnerability in the 'post' parameter on post.php that allows remote attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted UNION SELECT payloads to extract database information through boolean-based,...

EUVD-2007-5240

Malware in sbrugna...

EUVD-2025-11542

Malicious code in bioql PyPI...

CVE-2025-5431

CVE-2025-5431 affects AssamLook CMS 1.0. The vulnerability is in an unknown function of the file /department-profile.php where manipulation of the ID argument leads to SQL injection. It can be exploited remotely and, per public disclosures, an exploit exists. Several sources corroborate the issue...

CVE-2025-29709

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio...

CVE-2025-29708

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services...

CVE-2024-48191

This CVE affects dingfanzu CMS 1.0, where a Cross-Site Request Forgery (CSRF) flaw exists in the admin action endpoint /admin/doAdminAction.php?act=delAdmin&id=17. The root cause is CSRF permitting unauthorized actions via that endpoint, enabling an attacker to trigger admin deletions without aut...

CVE-2024-46485

dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/doAdminAction.php?act=addCate...

Marc@TMS CMS 1.0 SQL Injection

============================================================================================================================================= | Title : Marc@TMS cms v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits...

Purei CMS 1.0 - SQL Injection Vulnerability

Exploit Title: Purei CMS 1.0 - SQL Injection Exploit Author: Number 7 Vendor Homepage: purei.com Version: 1.0 Tested on: Linux Introduction: An SQL injection vulnerability permits attackers to modify backend SQL statements through manipulation of user input. Such an injection transpires when web...

IWT Imagine CMS 1.0 Cross Site Scripting

==================================================================================================================================== | Title : IWT Imagineِ CMS v1.0 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.232-bit | | Vend...

imax CMS 1.0 SQL Injection

==================================================================================================================================== | Title : imax CMS v1.0 Sql Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | |...

Elevel CMS 1.0 SQL Injection

==================================================================================================================================== | Title : Elevel CMS v1.0 authentication bypass vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2...

BlogMagz CMS 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

CVE-2020-23966

Victor CMS 1.0 is affected by a SQL Injection in the post parameter of /post.php via crafted GET requests. The vulnerability allows an attacker to execute arbitrary commands, with CVSS 3.1 base score 9.8 (CRITICAL) and impacts to confidentiality, integrity, and availability (C:H, I:H, A:H). Root ...

CVE-2020-23966

SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request...

Authentication flaw

A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard/settings. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit ha...

CVE-2022-26613

PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php...