CVE-2025-8220

A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...

PHP iCalendar 2.21 - 'cookie' Remote Code Execution

!/usr/bin/php -q -d shortopentag=on arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; short explaination: phpICal stores language & template user preferences inside cookies. Theese values are used to include...