54 matches found
EUVD-2026-26789
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via the 'wcfmdeletewcfmcustomer' due to missing validation on the 'customerid' user...
CVE-2026-6151 code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...
CVE-2026-6151
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...
CVE-2026-6151 code-projects Vehicle Showroom Management System PaymentStatusFunction.php sql injection
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMERID results in sql injection. It is possible to launch the attack remotely. The exploit h...
CVE-2026-6151
CVE-2026-6151 affects the code-projects Vehicle Showroom Management System 1.0. The vulnerability exists in /util/PaymentStatusFunction.php where manipulating the argument CUSTOMER_ID leads to SQL injection. The issue can be exploited remotely and the exploit is public. No remediation details are...
CVE-2026-5157
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the argument custid leads to cross site scripting. The attack may be performed from remote. The exploit ...
CVE-2026-5157
CVE-2026-5157 affects code-projects Online Food Ordering System 1.0, specifically the Order Module’s /form/order.php. The vulnerability arises from manipulating the cust_id argument, enabling cross-site scripting (XSS). Exploitation can be performed remotely, and a public exploit is available. Do...
CVE-2026-5157 code-projects Online Food Ordering System Order order.php cross site scripting
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the argument custid leads to cross site scripting. The attack may be performed from remote. The exploit ...
CVE-2026-5157 code-projects Online Food Ordering System Order order.php cross site scripting
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the argument custid leads to cross site scripting. The attack may be performed from remote. The exploit ...
CVE-2026-5034
A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /editcostumer.php of the component Parameter Handler. This manipulation of the argument cosid causes sql injection. It is possible to initiate the attack remotely. The...
PT-2026-29144
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the argument cust id leads to cross site scripting. The attack may be performed from remote. The exploit...
Code-Projects Accounting System SQL注入漏洞
Code-Projects Accounting System is an accounting system developed by Code-Projects as open source. Version 1.0 of Code-Projects Accounting System has a SQL injection vulnerability. This vulnerability stems from improper handling of the cosid parameter in the file/viewcostumer.php, which may lead ...
EUVD-2014-4880
Malware in sbrugna...
MAL-2025-41471 Malicious code in @twork-data-services/communication-api-v4-communication-customer-id (npm)
--- -= Per source details. Do not edit below this line.=-...
CampCodes Complaint Management System 注入漏洞
CampCodes Complaint Management System is a complaint management system from CampCodes Philippines. Campcodes Complaint Management System version 1.0 suffers from an injection vulnerability that stems from improper handling of the parameter cid in the file /users/complaint-details.php, which could...
DaaS - Change master image it fails with "ProvisioningTaskError"
Unable to update DaaS Machine Catalog - Access Machine Catalog "Change master image" it fails with "ProvisioningTaskError" ErrorMessage - HandleExplicitStorage Failed Error retrieving item from path ""...
CVE-2025-4719
A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/cashtransaction.php. The manipulation of the argument cid leads to sql injection. The attack may be launched remotely. The...
CampCodes Sales and Inventory System 注入漏洞
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter cid in the file /pages/accountsummary.php...
Error "Invalid Client ID/Secret key" throws while configuring Probe Agent for Cloud Monitor
While configuring Citrix Probe Agent for Cloud Monitor it throws error "Invalid Client ID/Secret key" although Client ID, Secret and Customer ID are correct...
Customer Support System 1.0 SQL Injection
Exploit Title: Customer Support System 1.0 - Multiple SQL injection vulnerabilities Date: 15/12/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...